[PATCH] Fix bug #9878 - force user does not work as expected.
Andreas Schneider
asn at samba.org
Wed Mar 19 09:58:47 MDT 2014
On Wednesday 19 March 2014 08:43:56 Jeremy Allison wrote:
> On Wed, Mar 19, 2014 at 04:16:16PM +0100, Andreas Schneider wrote:
> > Houston, we have a problem!
> >
> > I have a print$ share with force group which stops working after this
> > patch!
> >
> > [print$]
> >
> > comment = Printer Drivers
> > path = /var/lib/samba/drivers
> > write list = @ntadmin root
> > force group = ntadmin
> > create mask = 0664
> > directory mask = 0775
> >
> > I'm connecting as LEVEL1+Administrator who is a member of the group
> > ntadmin. I'm not able to upload printer drivers after the patch is
> > applied. If I revert the patch, I can upload printer drivers again.
>
> Debug level 10 logs please...
>
> Jeremy.
This is the log giving me an error pushing the files to the print$ share. If
you want a log with the patch reverted let me know.
-- andreas
--
Andreas Schneider GPG-ID: CC014E3D
Samba Team asn at samba.org
www.samba.org
-------------- next part --------------
[2014/03/19 16:57:13.487080, 6, pid=24712, effective(0, 0), real(0, 0)] ../source3/param/loadparm.c:2609(lp_file_list_changed)
lp_file_list_changed()
file /etc/samba/smb.conf -> /etc/samba/smb.conf last mod_time: Wed Mar 19 16:06:44 2014
[2014/03/19 16:57:13.487296, 3, pid=24712, effective(0, 0), real(0, 0)] ../source3/lib/access.c:338(allow_access)
Allowed connection from 192.168.100.137 (192.168.100.137)
[2014/03/19 16:57:13.487332, 10, pid=24712, effective(0, 0), real(0, 0)] ../source3/smbd/process.c:3569(smbd_process)
Connection allowed from ipv4:192.168.100.137:55326 to ipv4:192.168.100.197:445
[2014/03/19 16:57:13.487568, 3, pid=24712, effective(0, 0), real(0, 0), class=locking] ../source3/smbd/oplock.c:784(init_oplocks)
init_oplocks: initializing messages.
[2014/03/19 16:57:13.487606, 5, pid=24712, effective(0, 0), real(0, 0)] ../source3/lib/messages.c:294(messaging_register)
Registering messaging pointer for type 774 - private_data=0x7f5de5857100
[2014/03/19 16:57:13.487639, 5, pid=24712, effective(0, 0), real(0, 0)] ../source3/lib/messages.c:294(messaging_register)
Registering messaging pointer for type 778 - private_data=0x7f5de5857100
[2014/03/19 16:57:13.487670, 5, pid=24712, effective(0, 0), real(0, 0)] ../source3/lib/messages.c:294(messaging_register)
Registering messaging pointer for type 770 - private_data=0x7f5de5857100
[2014/03/19 16:57:13.487701, 5, pid=24712, effective(0, 0), real(0, 0)] ../source3/lib/messages.c:294(messaging_register)
Registering messaging pointer for type 787 - private_data=0x7f5de5857100
[2014/03/19 16:57:13.487731, 5, pid=24712, effective(0, 0), real(0, 0)] ../source3/lib/messages.c:294(messaging_register)
Registering messaging pointer for type 779 - private_data=0x7f5de5857100
[2014/03/19 16:57:13.487764, 5, pid=24712, effective(0, 0), real(0, 0)] ../source3/lib/messages.c:294(messaging_register)
Registering messaging pointer for type 15 - private_data=(nil)
[2014/03/19 16:57:13.487796, 5, pid=24712, effective(0, 0), real(0, 0)] ../source3/lib/messages.c:309(messaging_register)
Overriding messaging pointer for type 15 - private_data=(nil)
[2014/03/19 16:57:13.487829, 5, pid=24712, effective(0, 0), real(0, 0)] ../source3/lib/messages.c:341(messaging_deregister)
Deregistering messaging pointer for type 16 - private_data=(nil)
[2014/03/19 16:57:13.487860, 5, pid=24712, effective(0, 0), real(0, 0)] ../source3/lib/messages.c:294(messaging_register)
Registering messaging pointer for type 16 - private_data=0x7f5de5857100
[2014/03/19 16:57:13.487903, 5, pid=24712, effective(0, 0), real(0, 0)] ../source3/lib/messages.c:341(messaging_deregister)
Deregistering messaging pointer for type 33 - private_data=0x7f5de583a930
[2014/03/19 16:57:13.487949, 5, pid=24712, effective(0, 0), real(0, 0)] ../source3/lib/messages.c:294(messaging_register)
Registering messaging pointer for type 33 - private_data=0x7f5de5857100
[2014/03/19 16:57:13.488046, 5, pid=24712, effective(0, 0), real(0, 0)] ../source3/lib/messages.c:341(messaging_deregister)
Deregistering messaging pointer for type 790 - private_data=(nil)
[2014/03/19 16:57:13.488083, 5, pid=24712, effective(0, 0), real(0, 0)] ../source3/lib/messages.c:294(messaging_register)
Registering messaging pointer for type 790 - private_data=0x7f5de5857100
[2014/03/19 16:57:13.488115, 5, pid=24712, effective(0, 0), real(0, 0)] ../source3/lib/messages.c:341(messaging_deregister)
Deregistering messaging pointer for type 791 - private_data=(nil)
[2014/03/19 16:57:13.488145, 5, pid=24712, effective(0, 0), real(0, 0)] ../source3/lib/messages.c:341(messaging_deregister)
Deregistering messaging pointer for type 1 - private_data=(nil)
[2014/03/19 16:57:13.488175, 5, pid=24712, effective(0, 0), real(0, 0)] ../source3/lib/messages.c:294(messaging_register)
Registering messaging pointer for type 1 - private_data=(nil)
[2014/03/19 16:57:13.488225, 10, pid=24712, effective(0, 0), real(0, 0)] ../source3/lib/events.c:483(event_add_idle)
event_add_idle: idle_evt(keepalive) 0x7f5de58413a0
[2014/03/19 16:57:13.488262, 10, pid=24712, effective(0, 0), real(0, 0)] ../source3/lib/events.c:483(event_add_idle)
event_add_idle: idle_evt(deadtime) 0x7f5de5855e60
[2014/03/19 16:57:13.488303, 10, pid=24712, effective(0, 0), real(0, 0)] ../source3/lib/events.c:483(event_add_idle)
event_add_idle: idle_evt(housekeeping) 0x7f5de583aad0
[2014/03/19 16:57:13.488391, 10, pid=24712, effective(0, 0), real(0, 0)] ../source3/lib/util_sock.c:332(read_smb_length_return_keepalive)
got smb length of 104
[2014/03/19 16:57:13.488466, 6, pid=24712, effective(0, 0), real(0, 0)] ../source3/smbd/process.c:1801(process_smb)
got message type 0x0 of len 0x68
[2014/03/19 16:57:13.488502, 3, pid=24712, effective(0, 0), real(0, 0)] ../source3/smbd/process.c:1803(process_smb)
Transaction 0 of length 108 (0 toread)
[2014/03/19 16:57:13.488602, 10, pid=24712, effective(0, 0), real(0, 0)] ../source3/smbd/smb2_server.c:2937(smbd_smb2_first_negprot)
smbd_smb2_first_negprot: packet length 108
[2014/03/19 16:57:13.488681, 10, pid=24712, effective(0, 0), real(0, 0)] ../source3/smbd/smb2_server.c:640(smb2_validate_sequence_number)
smb2_validate_sequence_number: clearing id 0 (position 0) from bitmap
[2014/03/19 16:57:13.488730, 10, pid=24712, effective(0, 0), real(0, 0)] ../source3/smbd/smb2_server.c:1923(smbd_smb2_request_dispatch)
smbd_smb2_request_dispatch: opcode[SMB2_OP_NEGPROT] mid = 0
[2014/03/19 16:57:13.488818, 4, pid=24712, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:316(set_sec_ctx)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2014/03/19 16:57:13.488880, 5, pid=24712, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug)
Security token: (NULL)
[2014/03/19 16:57:13.488917, 5, pid=24712, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:528(debug_unix_user_token)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
[2014/03/19 16:57:13.488969, 5, pid=24712, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:425(smbd_change_to_root_user)
change_to_root_user: now uid=(0,0) gid=(0,0)
[2014/03/19 16:57:13.489094, 10, pid=24712, effective(0, 0), real(0, 0)] ../source3/lib/util.c:1277(set_remote_arch)
set_remote_arch: Client arch is 'Vista'
[2014/03/19 16:57:13.489155, 6, pid=24712, effective(0, 0), real(0, 0)] ../source3/param/loadparm.c:2609(lp_file_list_changed)
lp_file_list_changed()
file /etc/samba/smb.conf -> /etc/samba/smb.conf last mod_time: Wed Mar 19 16:06:44 2014
[2014/03/19 16:57:13.489215, 3, pid=24712, effective(0, 0), real(0, 0)] ../source3/smbd/smb2_negprot.c:243(smbd_smb2_request_process_negprot)
Selected protocol SMB2_10
[2014/03/19 16:57:13.489279, 5, pid=24712, effective(0, 0), real(0, 0), class=auth] ../source3/auth/auth.c:462(make_auth_context_subsystem)
Making default auth method list for server role = 'domain member'
[2014/03/19 16:57:13.489329, 5, pid=24712, effective(0, 0), real(0, 0), class=auth] ../source3/auth/auth.c:48(smb_register_auth)
Attempting to register auth backend sam
[2014/03/19 16:57:13.489367, 5, pid=24712, effective(0, 0), real(0, 0), class=auth] ../source3/auth/auth.c:60(smb_register_auth)
Successfully added auth method 'sam'
[2014/03/19 16:57:13.489398, 5, pid=24712, effective(0, 0), real(0, 0), class=auth] ../source3/auth/auth.c:48(smb_register_auth)
Attempting to register auth backend sam_ignoredomain
[2014/03/19 16:57:13.489432, 5, pid=24712, effective(0, 0), real(0, 0), class=auth] ../source3/auth/auth.c:60(smb_register_auth)
Successfully added auth method 'sam_ignoredomain'
[2014/03/19 16:57:13.489466, 5, pid=24712, effective(0, 0), real(0, 0), class=auth] ../source3/auth/auth.c:48(smb_register_auth)
Attempting to register auth backend unix
[2014/03/19 16:57:13.489531, 5, pid=24712, effective(0, 0), real(0, 0), class=auth] ../source3/auth/auth.c:60(smb_register_auth)
Successfully added auth method 'unix'
[2014/03/19 16:57:13.489565, 5, pid=24712, effective(0, 0), real(0, 0), class=auth] ../source3/auth/auth.c:48(smb_register_auth)
Attempting to register auth backend winbind
[2014/03/19 16:57:13.489605, 5, pid=24712, effective(0, 0), real(0, 0), class=auth] ../source3/auth/auth.c:60(smb_register_auth)
Successfully added auth method 'winbind'
[2014/03/19 16:57:13.489639, 5, pid=24712, effective(0, 0), real(0, 0), class=auth] ../source3/auth/auth.c:48(smb_register_auth)
Attempting to register auth backend wbc
[2014/03/19 16:57:13.489672, 5, pid=24712, effective(0, 0), real(0, 0), class=auth] ../source3/auth/auth.c:60(smb_register_auth)
Successfully added auth method 'wbc'
[2014/03/19 16:57:13.489720, 5, pid=24712, effective(0, 0), real(0, 0), class=auth] ../source3/auth/auth.c:48(smb_register_auth)
Attempting to register auth backend trustdomain
[2014/03/19 16:57:13.489753, 5, pid=24712, effective(0, 0), real(0, 0), class=auth] ../source3/auth/auth.c:60(smb_register_auth)
Successfully added auth method 'trustdomain'
[2014/03/19 16:57:13.489785, 5, pid=24712, effective(0, 0), real(0, 0), class=auth] ../source3/auth/auth.c:48(smb_register_auth)
Attempting to register auth backend ntdomain
[2014/03/19 16:57:13.489817, 5, pid=24712, effective(0, 0), real(0, 0), class=auth] ../source3/auth/auth.c:60(smb_register_auth)
Successfully added auth method 'ntdomain'
[2014/03/19 16:57:13.489851, 5, pid=24712, effective(0, 0), real(0, 0), class=auth] ../source3/auth/auth.c:48(smb_register_auth)
Attempting to register auth backend guest
[2014/03/19 16:57:13.489884, 5, pid=24712, effective(0, 0), real(0, 0), class=auth] ../source3/auth/auth.c:60(smb_register_auth)
Successfully added auth method 'guest'
[2014/03/19 16:57:13.489915, 5, pid=24712, effective(0, 0), real(0, 0), class=auth] ../source3/auth/auth.c:48(smb_register_auth)
Attempting to register auth backend name_to_ntstatus
[2014/03/19 16:57:13.489947, 5, pid=24712, effective(0, 0), real(0, 0), class=auth] ../source3/auth/auth.c:60(smb_register_auth)
Successfully added auth method 'name_to_ntstatus'
[2014/03/19 16:57:13.489978, 5, pid=24712, effective(0, 0), real(0, 0), class=auth] ../source3/auth/auth.c:363(load_auth_module)
load_auth_module: Attempting to find an auth method to match guest
[2014/03/19 16:57:13.490057, 5, pid=24712, effective(0, 0), real(0, 0), class=auth] ../source3/auth/auth.c:388(load_auth_module)
load_auth_module: auth method guest has a valid init
[2014/03/19 16:57:13.490116, 5, pid=24712, effective(0, 0), real(0, 0), class=auth] ../source3/auth/auth.c:363(load_auth_module)
load_auth_module: Attempting to find an auth method to match sam
[2014/03/19 16:57:13.490154, 5, pid=24712, effective(0, 0), real(0, 0), class=auth] ../source3/auth/auth.c:388(load_auth_module)
load_auth_module: auth method sam has a valid init
[2014/03/19 16:57:13.490187, 5, pid=24712, effective(0, 0), real(0, 0), class=auth] ../source3/auth/auth.c:363(load_auth_module)
load_auth_module: Attempting to find an auth method to match winbind:ntdomain
[2014/03/19 16:57:13.490220, 5, pid=24712, effective(0, 0), real(0, 0), class=auth] ../source3/auth/auth.c:363(load_auth_module)
load_auth_module: Attempting to find an auth method to match ntdomain
[2014/03/19 16:57:13.490257, 5, pid=24712, effective(0, 0), real(0, 0), class=auth] ../source3/auth/auth.c:388(load_auth_module)
load_auth_module: auth method ntdomain has a valid init
[2014/03/19 16:57:13.490289, 5, pid=24712, effective(0, 0), real(0, 0), class=auth] ../source3/auth/auth.c:388(load_auth_module)
load_auth_module: auth method winbind has a valid init
[2014/03/19 16:57:13.492571, 3, pid=24712, effective(0, 0), real(0, 0)] ../auth/gensec/gensec_start.c:885(gensec_register)
GENSEC backend 'gssapi_spnego' registered
[2014/03/19 16:57:13.492712, 3, pid=24712, effective(0, 0), real(0, 0)] ../auth/gensec/gensec_start.c:885(gensec_register)
GENSEC backend 'gssapi_krb5' registered
[2014/03/19 16:57:13.492775, 3, pid=24712, effective(0, 0), real(0, 0)] ../auth/gensec/gensec_start.c:885(gensec_register)
GENSEC backend 'gssapi_krb5_sasl' registered
[2014/03/19 16:57:13.501202, 3, pid=24712, effective(0, 0), real(0, 0)] ../auth/gensec/gensec_start.c:885(gensec_register)
GENSEC backend 'sasl-DIGEST-MD5' registered
[2014/03/19 16:57:13.501258, 3, pid=24712, effective(0, 0), real(0, 0)] ../auth/gensec/gensec_start.c:885(gensec_register)
GENSEC backend 'spnego' registered
[2014/03/19 16:57:13.501291, 3, pid=24712, effective(0, 0), real(0, 0)] ../auth/gensec/gensec_start.c:885(gensec_register)
GENSEC backend 'schannel' registered
[2014/03/19 16:57:13.501319, 3, pid=24712, effective(0, 0), real(0, 0)] ../auth/gensec/gensec_start.c:885(gensec_register)
GENSEC backend 'sasl-EXTERNAL' registered
[2014/03/19 16:57:13.501348, 3, pid=24712, effective(0, 0), real(0, 0)] ../auth/gensec/gensec_start.c:885(gensec_register)
GENSEC backend 'ntlmssp' registered
[2014/03/19 16:57:13.501391, 3, pid=24712, effective(0, 0), real(0, 0)] ../auth/gensec/gensec_start.c:885(gensec_register)
GENSEC backend 'krb5' registered
[2014/03/19 16:57:13.501421, 3, pid=24712, effective(0, 0), real(0, 0)] ../auth/gensec/gensec_start.c:885(gensec_register)
GENSEC backend 'fake_gssapi_krb5' registered
[2014/03/19 16:57:13.501558, 5, pid=24712, effective(0, 0), real(0, 0)] ../auth/gensec/gensec_start.c:664(gensec_start_mech)
Starting GENSEC mechanism spnego
[2014/03/19 16:57:13.501634, 5, pid=24712, effective(0, 0), real(0, 0)] ../auth/gensec/gensec_start.c:664(gensec_start_mech)
Starting GENSEC submechanism gse_krb5
[2014/03/19 16:57:13.627602, 10, pid=24712, effective(0, 0), real(0, 0)] ../source3/smbd/smb2_server.c:2548(smbd_smb2_request_done_ex)
smbd_smb2_request_done_ex: idx[1] status[NT_STATUS_OK] body[64] dyn[yes:96] at ../source3/smbd/smb2_negprot.c:387
[2014/03/19 16:57:13.627659, 10, pid=24712, effective(0, 0), real(0, 0)] ../source3/smbd/smb2_server.c:893(smb2_set_operation_credit)
smb2_set_operation_credit: requested 31, charge 1, granted 1, current possible/max 512/512, total granted/max/low/range 1/8192/1/1
[2014/03/19 16:57:13.629199, 10, pid=24712, effective(0, 0), real(0, 0)] ../source3/smbd/smb2_server.c:3312(smbd_smb2_io_handler)
smbd_smb2_request idx[1] of 5 vectors
[2014/03/19 16:57:13.629252, 10, pid=24712, effective(0, 0), real(0, 0)] ../source3/smbd/smb2_server.c:640(smb2_validate_sequence_number)
smb2_validate_sequence_number: clearing id 1 (position 1) from bitmap
[2014/03/19 16:57:13.629305, 10, pid=24712, effective(0, 0), real(0, 0)] ../source3/smbd/smb2_server.c:1923(smbd_smb2_request_dispatch)
smbd_smb2_request_dispatch: opcode[SMB2_OP_SESSSETUP] mid = 1
[2014/03/19 16:57:13.629338, 4, pid=24712, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:316(set_sec_ctx)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2014/03/19 16:57:13.629367, 5, pid=24712, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug)
Security token: (NULL)
[2014/03/19 16:57:13.629394, 5, pid=24712, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:528(debug_unix_user_token)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
[2014/03/19 16:57:13.629437, 5, pid=24712, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:425(smbd_change_to_root_user)
change_to_root_user: now uid=(0,0) gid=(0,0)
[2014/03/19 16:57:13.629503, 5, pid=24712, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:178(dbwrap_check_lock_order)
check lock order 1 for /var/lib/samba/smbXsrv_session_global.tdb
[2014/03/19 16:57:13.629556, 10, pid=24712, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order)
lock order: 1:/var/lib/samba/smbXsrv_session_global.tdb 2:<none> 3:<none>
[2014/03/19 16:57:13.629588, 10, pid=24712, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key)
Locking key FE74F04B
[2014/03/19 16:57:13.629623, 10, pid=24712, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:143(db_tdb_fetch_locked_internal)
Allocated locked data 0x0x7f5de58608e0
[2014/03/19 16:57:13.629936, 10, pid=24712, effective(0, 0), real(0, 0)] ../source3/smbd/smbXsrv_session.c:844(smbXsrv_session_global_store)
[2014/03/19 16:57:13.629967, 10, pid=24712, effective(0, 0), real(0, 0)] ../source3/smbd/smbXsrv_session.c:846(smbXsrv_session_global_store)
smbXsrv_session_global_store: key 'FE74F04B' stored
[2014/03/19 16:57:13.630041, 1, pid=24712, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:402(ndr_print_debug)
&global_blob: struct smbXsrv_session_globalB
version : SMBXSRV_VERSION_0 (0)
seqnum : 0x00000001 (1)
info : union smbXsrv_session_globalU(case 0)
info0 : *
info0: struct smbXsrv_session_global0
db_rec : *
session_global_id : 0xfe74f04b (4269076555)
session_wire_id : 0x00000000fe74f04b (4269076555)
creation_time : Wed Mar 19 04:57:14 PM 2014 CET
expiration_time : Thu Jan 1 01:00:00 AM 1970 CET
auth_session_info_seqnum : 0x00000000 (0)
auth_session_info : NULL
connection_dialect : 0x0210 (528)
signing_required : 0x00 (0)
encryption_required : 0x00 (0)
num_channels : 0x00000001 (1)
channels: ARRAY(1)
channels: struct smbXsrv_channel_global0
server_id: struct server_id
pid : 0x0000000000006088 (24712)
task_id : 0x00000000 (0)
vnn : 0xffffffff (4294967295)
unique_id : 0xbaf687627b33e8dd (-4974639881340589859)
local_address : 'ipv4:192.168.100.197:445'
remote_address : 'ipv4:192.168.100.137:55326'
remote_name : '192.168.100.137'
auth_session_info_seqnum : 0x00000000 (0)
[2014/03/19 16:57:13.630490, 10, pid=24712, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key)
Unlocking key FE74F04B
[2014/03/19 16:57:13.630525, 5, pid=24712, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:146(dbwrap_lock_order_state_destructor)
release lock order 1 for /var/lib/samba/smbXsrv_session_global.tdb
[2014/03/19 16:57:13.630556, 10, pid=24712, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order)
lock order: 1:<none> 2:<none> 3:<none>
[2014/03/19 16:57:13.630588, 10, pid=24712, effective(0, 0), real(0, 0)] ../source3/smbd/smbXsrv_session.c:1206(smbXsrv_session_create)
[2014/03/19 16:57:13.630619, 10, pid=24712, effective(0, 0), real(0, 0)] ../source3/smbd/smbXsrv_session.c:1214(smbXsrv_session_create)
smbXsrv_session_create: global_id (0xfe74f04b) stored
[2014/03/19 16:57:13.630650, 1, pid=24712, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:402(ndr_print_debug)
&session_blob: struct smbXsrv_sessionB
version : SMBXSRV_VERSION_0 (0)
reserved : 0x00000000 (0)
info : union smbXsrv_sessionU(case 0)
info0 : *
info0: struct smbXsrv_session
table : *
db_rec : NULL
connection : *
local_id : 0xfe74f04b (4269076555)
global : *
global: struct smbXsrv_session_global0
db_rec : NULL
session_global_id : 0xfe74f04b (4269076555)
session_wire_id : 0x00000000fe74f04b (4269076555)
creation_time : Wed Mar 19 04:57:14 PM 2014 CET
expiration_time : Thu Jan 1 01:00:00 AM 1970 CET
auth_session_info_seqnum : 0x00000000 (0)
auth_session_info : NULL
connection_dialect : 0x0210 (528)
signing_required : 0x00 (0)
encryption_required : 0x00 (0)
num_channels : 0x00000001 (1)
channels: ARRAY(1)
channels: struct smbXsrv_channel_global0
server_id: struct server_id
pid : 0x0000000000006088 (24712)
task_id : 0x00000000 (0)
vnn : 0xffffffff (4294967295)
unique_id : 0xbaf687627b33e8dd (-4974639881340589859)
local_address : 'ipv4:192.168.100.197:445'
remote_address : 'ipv4:192.168.100.137:55326'
remote_name : '192.168.100.137'
auth_session_info_seqnum : 0x00000000 (0)
status : NT_STATUS_MORE_PROCESSING_REQUIRED
idle_time : Wed Mar 19 04:57:14 PM 2014 CET
nonce_high : 0x0000000000000000 (0)
nonce_low : 0x0000000000000000 (0)
gensec : NULL
compat : NULL
tcon_table : *
[2014/03/19 16:57:13.631231, 5, pid=24712, effective(0, 0), real(0, 0), class=auth] ../source3/auth/auth.c:462(make_auth_context_subsystem)
Making default auth method list for server role = 'domain member'
[2014/03/19 16:57:13.631270, 5, pid=24712, effective(0, 0), real(0, 0), class=auth] ../source3/auth/auth.c:363(load_auth_module)
load_auth_module: Attempting to find an auth method to match guest
[2014/03/19 16:57:13.631304, 5, pid=24712, effective(0, 0), real(0, 0), class=auth] ../source3/auth/auth.c:388(load_auth_module)
load_auth_module: auth method guest has a valid init
[2014/03/19 16:57:13.631335, 5, pid=24712, effective(0, 0), real(0, 0), class=auth] ../source3/auth/auth.c:363(load_auth_module)
load_auth_module: Attempting to find an auth method to match sam
[2014/03/19 16:57:13.631381, 5, pid=24712, effective(0, 0), real(0, 0), class=auth] ../source3/auth/auth.c:388(load_auth_module)
load_auth_module: auth method sam has a valid init
[2014/03/19 16:57:13.631414, 5, pid=24712, effective(0, 0), real(0, 0), class=auth] ../source3/auth/auth.c:363(load_auth_module)
load_auth_module: Attempting to find an auth method to match winbind:ntdomain
[2014/03/19 16:57:13.631445, 5, pid=24712, effective(0, 0), real(0, 0), class=auth] ../source3/auth/auth.c:363(load_auth_module)
load_auth_module: Attempting to find an auth method to match ntdomain
[2014/03/19 16:57:13.631476, 5, pid=24712, effective(0, 0), real(0, 0), class=auth] ../source3/auth/auth.c:388(load_auth_module)
load_auth_module: auth method ntdomain has a valid init
[2014/03/19 16:57:13.631506, 5, pid=24712, effective(0, 0), real(0, 0), class=auth] ../source3/auth/auth.c:388(load_auth_module)
load_auth_module: auth method winbind has a valid init
[2014/03/19 16:57:13.631585, 5, pid=24712, effective(0, 0), real(0, 0)] ../auth/gensec/gensec_start.c:664(gensec_start_mech)
Starting GENSEC mechanism spnego
[2014/03/19 16:57:13.631642, 4, pid=24712, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:216(push_sec_ctx)
push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
[2014/03/19 16:57:13.631679, 4, pid=24712, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:491(push_conn_ctx)
push_conn_ctx(0) : conn_ctx_stack_ndx = 0
[2014/03/19 16:57:13.631710, 4, pid=24712, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:316(set_sec_ctx)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2014/03/19 16:57:13.631750, 5, pid=24712, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug)
Security token: (NULL)
[2014/03/19 16:57:13.631788, 5, pid=24712, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:528(debug_unix_user_token)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
[2014/03/19 16:57:13.631847, 4, pid=24712, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:424(pop_sec_ctx)
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
smbd_smb2_request_pending_queue: req->current_idx = 1
req->in.vector[0].iov_len = 0
req->in.vector[1].iov_len = 0
req->in.vector[2].iov_len = 64
req->in.vector[3].iov_len = 24
req->in.vector[4].iov_len = 1787
req->out.vector[0].iov_len = 4
req->out.vector[1].iov_len = 0
req->out.vector[2].iov_len = 64
req->out.vector[3].iov_len = 8
req->out.vector[4].iov_len = 0
[2014/03/19 16:57:13.632136, 5, pid=24712, effective(0, 0), real(0, 0)] ../auth/gensec/gensec_start.c:664(gensec_start_mech)
Starting GENSEC submechanism gse_krb5
[2014/03/19 16:57:13.762252, 4, pid=24712, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:216(push_sec_ctx)
push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
[2014/03/19 16:57:13.762300, 4, pid=24712, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:491(push_conn_ctx)
push_conn_ctx(0) : conn_ctx_stack_ndx = 0
[2014/03/19 16:57:13.762341, 4, pid=24712, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:316(set_sec_ctx)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2014/03/19 16:57:13.762368, 5, pid=24712, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug)
Security token: (NULL)
[2014/03/19 16:57:13.762395, 5, pid=24712, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:528(debug_unix_user_token)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
[2014/03/19 16:57:13.762458, 4, pid=24712, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:424(pop_sec_ctx)
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
[2014/03/19 16:57:13.762796, 3, pid=24712, effective(0, 0), real(0, 0)] ../auth/kerberos/kerberos_pac.c:386(kerberos_decode_pac)
Found account name from PAC: Administrator []
[2014/03/19 16:57:13.762834, 10, pid=24712, effective(0, 0), real(0, 0)] ../auth/kerberos/kerberos_pac.c:388(kerberos_decode_pac)
Successfully validated Kerberos PAC
pac_data: struct PAC_DATA
num_buffers : 0x00000005 (5)
version : 0x00000000 (0)
buffers: ARRAY(5)
buffers: struct PAC_BUFFER
type : PAC_TYPE_LOGON_INFO (1)
_ndr_size : 0x00000200 (512)
info : *
info : union PAC_INFO(case 1)
logon_info: struct PAC_LOGON_INFO_CTR
info : *
info: struct PAC_LOGON_INFO
info3: struct netr_SamInfo3
base: struct netr_SamBaseInfo
logon_time : Tue Mar 18 08:06:51 AM 2014 CET
logoff_time : Thu Sep 14 04:48:05 AM 30828 CEST
kickoff_time : Thu Sep 14 04:48:05 AM 30828 CEST
last_password_change : Tue Oct 29 06:04:27 PM 2013 CET
allow_password_change : Tue Oct 29 06:04:27 PM 2013 CET
force_password_change : Thu Sep 14 04:48:05 AM 30828 CEST
account_name: struct lsa_String
length : 0x001a (26)
size : 0x001a (26)
string : *
string : 'Administrator'
full_name: struct lsa_String
length : 0x0000 (0)
size : 0x0000 (0)
string : *
string : ''
logon_script: struct lsa_String
length : 0x0000 (0)
size : 0x0000 (0)
string : *
string : ''
profile_path: struct lsa_String
length : 0x0000 (0)
size : 0x0000 (0)
string : *
string : ''
home_directory: struct lsa_String
length : 0x0000 (0)
size : 0x0000 (0)
string : *
string : ''
home_drive: struct lsa_String
length : 0x0000 (0)
size : 0x0000 (0)
string : *
string : ''
logon_count : 0x00b9 (185)
bad_password_count : 0x0000 (0)
rid : 0x000001f4 (500)
primary_gid : 0x00000201 (513)
groups: struct samr_RidWithAttributeArray
count : 0x00000003 (3)
rids : *
rids: ARRAY(3)
rids: struct samr_RidWithAttribute
rid : 0x00000208 (520)
attributes : 0x00000007 (7)
1: SE_GROUP_MANDATORY
1: SE_GROUP_ENABLED_BY_DEFAULT
1: SE_GROUP_ENABLED
0: SE_GROUP_OWNER
0: SE_GROUP_USE_FOR_DENY_ONLY
0: SE_GROUP_RESOURCE
0x00: SE_GROUP_LOGON_ID (0)
rids: struct samr_RidWithAttribute
rid : 0x00000200 (512)
attributes : 0x00000007 (7)
1: SE_GROUP_MANDATORY
1: SE_GROUP_ENABLED_BY_DEFAULT
1: SE_GROUP_ENABLED
0: SE_GROUP_OWNER
0: SE_GROUP_USE_FOR_DENY_ONLY
0: SE_GROUP_RESOURCE
0x00: SE_GROUP_LOGON_ID (0)
rids: struct samr_RidWithAttribute
rid : 0x00000201 (513)
attributes : 0x00000007 (7)
1: SE_GROUP_MANDATORY
1: SE_GROUP_ENABLED_BY_DEFAULT
1: SE_GROUP_ENABLED
0: SE_GROUP_OWNER
0: SE_GROUP_USE_FOR_DENY_ONLY
0: SE_GROUP_RESOURCE
0x00: SE_GROUP_LOGON_ID (0)
user_flags : 0x00000220 (544)
0: NETLOGON_GUEST
0: NETLOGON_NOENCRYPTION
0: NETLOGON_CACHED_ACCOUNT
0: NETLOGON_USED_LM_PASSWORD
1: NETLOGON_EXTRA_SIDS
0: NETLOGON_SUBAUTH_SESSION_KEY
0: NETLOGON_SERVER_TRUST_ACCOUNT
0: NETLOGON_NTLMV2_ENABLED
1: NETLOGON_RESOURCE_GROUPS
0: NETLOGON_PROFILE_PATH_RETURNED
0: NETLOGON_GRACE_LOGON
key: struct netr_UserSessionKey
key : 00000000000000000000000000000000
logon_server: struct lsa_StringLarge
length : 0x000a (10)
size : 0x000c (12)
string : *
string : 'L1DC1'
logon_domain: struct lsa_StringLarge
length : 0x000c (12)
size : 0x000e (14)
string : *
string : 'LEVEL1'
domain_sid : *
domain_sid : S-1-5-21-2999458101-3634337955-1355572417
LMSessKey: struct netr_LMSessionKey
key : 0000000000000000
acct_flags : 0x00000010 (16)
0: ACB_DISABLED
0: ACB_HOMDIRREQ
0: ACB_PWNOTREQ
0: ACB_TEMPDUP
1: ACB_NORMAL
0: ACB_MNS
0: ACB_DOMTRUST
0: ACB_WSTRUST
0: ACB_SVRTRUST
0: ACB_PWNOEXP
0: ACB_AUTOLOCK
0: ACB_ENC_TXT_PWD_ALLOWED
0: ACB_SMARTCARD_REQUIRED
0: ACB_TRUSTED_FOR_DELEGATION
0: ACB_NOT_DELEGATED
0: ACB_USE_DES_KEY_ONLY
0: ACB_DONT_REQUIRE_PREAUTH
0: ACB_PW_EXPIRED
0: ACB_TRUSTED_TO_AUTHENTICATE_FOR_DELEGATION
0: ACB_NO_AUTH_DATA_REQD
0: ACB_PARTIAL_SECRETS_ACCOUNT
0: ACB_USE_AES_KEYS
sub_auth_status : 0x00000000 (0)
last_successful_logon : NTTIME(0)
last_failed_logon : NTTIME(0)
failed_logon_count : 0x00000000 (0)
reserved : 0x00000000 (0)
sidcount : 0x00000001 (1)
sids : *
sids: ARRAY(1)
sids: struct netr_SidAttr
sid : *
sid : S-1-18-1
attributes : 0x00000007 (7)
1: SE_GROUP_MANDATORY
1: SE_GROUP_ENABLED_BY_DEFAULT
1: SE_GROUP_ENABLED
0: SE_GROUP_OWNER
0: SE_GROUP_USE_FOR_DENY_ONLY
0: SE_GROUP_RESOURCE
0x00: SE_GROUP_LOGON_ID (0)
res_group_dom_sid : *
res_group_dom_sid : S-1-5-21-2999458101-3634337955-1355572417
res_groups: struct samr_RidWithAttributeArray
count : 0x00000001 (1)
rids : *
rids: ARRAY(1)
rids: struct samr_RidWithAttribute
rid : 0x0000023c (572)
attributes : 0x20000007 (536870919)
1: SE_GROUP_MANDATORY
1: SE_GROUP_ENABLED_BY_DEFAULT
1: SE_GROUP_ENABLED
0: SE_GROUP_OWNER
0: SE_GROUP_USE_FOR_DENY_ONLY
1: SE_GROUP_RESOURCE
0x00: SE_GROUP_LOGON_ID (0)
_pad : 0x00000000 (0)
buffers: struct PAC_BUFFER
type : PAC_TYPE_LOGON_NAME (10)
_ndr_size : 0x00000024 (36)
info : *
info : union PAC_INFO(case 10)
logon_name: struct PAC_LOGON_NAME
logon_time : Wed Mar 19 09:33:22 AM 2014 CET
size : 0x001a (26)
account_name : 'Administrator'
_pad : 0x00000000 (0)
buffers: struct PAC_BUFFER
type : PAC_TYPE_UNKNOWN_12 (12)
_ndr_size : 0x00000088 (136)
info : *
info : union PAC_INFO(case 12)
unknown: struct DATA_BLOB_REM
remaining : DATA_BLOB length=136
[0000] 46 00 10 00 2A 00 58 00 01 00 00 00 00 00 00 00 F...*.X. ........
[0010] 41 00 64 00 6D 00 69 00 6E 00 69 00 73 00 74 00 A.d.m.i. n.i.s.t.
[0020] 72 00 61 00 74 00 6F 00 72 00 40 00 6C 00 65 00 r.a.t.o. r. at .l.e.
[0030] 76 00 65 00 6C 00 31 00 2E 00 64 00 69 00 73 00 v.e.l.1. ..d.i.s.
[0040] 63 00 77 00 6F 00 72 00 6C 00 64 00 2E 00 73 00 c.w.o.r. l.d...s.
[0050] 69 00 74 00 65 00 00 00 4C 00 45 00 56 00 45 00 i.t.e... L.E.V.E.
[0060] 4C 00 31 00 2E 00 44 00 49 00 53 00 43 00 57 00 L.1...D. I.S.C.W.
[0070] 4F 00 52 00 4C 00 44 00 2E 00 53 00 49 00 54 00 O.R.L.D. ..S.I.T.
[0080] 45 00 00 00 00 00 00 00 E.......
_pad : 0x00000000 (0)
buffers: struct PAC_BUFFER
type : PAC_TYPE_SRV_CHECKSUM (6)
_ndr_size : 0x00000014 (20)
info : *
info : union PAC_INFO(case 6)
srv_cksum: struct PAC_SIGNATURE_DATA
type : 0xffffff76 (4294967158)
signature : DATA_BLOB length=16
[0000] EF D2 21 20 00 D4 79 91 72 F3 DE 23 5C 15 24 D6 ..! ..y. r..#\.$.
_pad : 0x00000000 (0)
buffers: struct PAC_BUFFER
type : PAC_TYPE_KDC_CHECKSUM (7)
_ndr_size : 0x00000014 (20)
info : *
info : union PAC_INFO(case 7)
kdc_cksum: struct PAC_SIGNATURE_DATA
type : 0xffffff76 (4294967158)
signature : DATA_BLOB length=16
[0000] 99 9A 12 B2 6D E8 E9 B3 47 83 31 23 83 C5 74 4F ....m... G.1#..tO
_pad : 0x00000000 (0)
[2014/03/19 16:57:13.766162, 3, pid=24712, effective(0, 0), real(0, 0), class=auth] ../source3/auth/user_krb5.c:51(get_user_from_kerberos_info)
Kerberos ticket principal name is [Administrator at LEVEL1.DISCWORLD.SITE]
[2014/03/19 16:57:13.766201, 10, pid=24712, effective(0, 0), real(0, 0), class=auth] ../source3/auth/user_krb5.c:83(get_user_from_kerberos_info)
Domain is [LEVEL1] (using PAC)
[2014/03/19 16:57:13.766243, 5, pid=24712, effective(0, 0), real(0, 0)] ../source3/lib/username.c:181(Get_Pwnam_alloc)
Finding user LEVEL1+Administrator
[2014/03/19 16:57:13.766284, 5, pid=24712, effective(0, 0), real(0, 0)] ../source3/lib/username.c:120(Get_Pwnam_internals)
Trying _Get_Pwnam(), username as lowercase is level1+administrator
[2014/03/19 16:57:13.981744, 5, pid=24712, effective(0, 0), real(0, 0)] ../source3/lib/username.c:159(Get_Pwnam_internals)
Get_Pwnam_internals did find user [LEVEL1+Administrator]!
[2014/03/19 16:57:13.981951, 10, pid=24712, effective(0, 0), real(0, 0)] ../source3/libsmb/samlogon_cache.c:148(netsamlogon_cache_store)
netsamlogon_cache_store: SID [S-1-5-21-2999458101-3634337955-1355572417-500]
[2014/03/19 16:57:13.982072, 1, pid=24712, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:402(ndr_print_debug)
&r: struct netsamlogoncache_entry
timestamp : Wed Mar 19 04:57:13 PM 2014 CET
info3: struct netr_SamInfo3
base: struct netr_SamBaseInfo
logon_time : Tue Mar 18 08:06:51 AM 2014 CET
logoff_time : Thu Sep 14 04:48:05 AM 30828 CEST
kickoff_time : Thu Sep 14 04:48:05 AM 30828 CEST
last_password_change : Tue Oct 29 06:04:27 PM 2013 CET
allow_password_change : Tue Oct 29 06:04:27 PM 2013 CET
force_password_change : Thu Sep 14 04:48:05 AM 30828 CEST
account_name: struct lsa_String
length : 0x001a (26)
size : 0x001a (26)
string : *
string : 'Administrator'
full_name: struct lsa_String
length : 0x0000 (0)
size : 0x0000 (0)
string : *
string : ''
logon_script: struct lsa_String
length : 0x0000 (0)
size : 0x0000 (0)
string : *
string : ''
profile_path: struct lsa_String
length : 0x0000 (0)
size : 0x0000 (0)
string : *
string : ''
home_directory: struct lsa_String
length : 0x0000 (0)
size : 0x0000 (0)
string : *
string : ''
home_drive: struct lsa_String
length : 0x0000 (0)
size : 0x0000 (0)
string : *
string : ''
logon_count : 0x00b9 (185)
bad_password_count : 0x0000 (0)
rid : 0x000001f4 (500)
primary_gid : 0x00000201 (513)
groups: struct samr_RidWithAttributeArray
count : 0x00000003 (3)
rids : *
rids: ARRAY(3)
rids: struct samr_RidWithAttribute
rid : 0x00000208 (520)
attributes : 0x00000007 (7)
1: SE_GROUP_MANDATORY
1: SE_GROUP_ENABLED_BY_DEFAULT
1: SE_GROUP_ENABLED
0: SE_GROUP_OWNER
0: SE_GROUP_USE_FOR_DENY_ONLY
0: SE_GROUP_RESOURCE
0x00: SE_GROUP_LOGON_ID (0)
rids: struct samr_RidWithAttribute
rid : 0x00000200 (512)
attributes : 0x00000007 (7)
1: SE_GROUP_MANDATORY
1: SE_GROUP_ENABLED_BY_DEFAULT
1: SE_GROUP_ENABLED
0: SE_GROUP_OWNER
0: SE_GROUP_USE_FOR_DENY_ONLY
0: SE_GROUP_RESOURCE
0x00: SE_GROUP_LOGON_ID (0)
rids: struct samr_RidWithAttribute
rid : 0x00000201 (513)
attributes : 0x00000007 (7)
1: SE_GROUP_MANDATORY
1: SE_GROUP_ENABLED_BY_DEFAULT
1: SE_GROUP_ENABLED
0: SE_GROUP_OWNER
0: SE_GROUP_USE_FOR_DENY_ONLY
0: SE_GROUP_RESOURCE
0x00: SE_GROUP_LOGON_ID (0)
user_flags : 0x00000220 (544)
0: NETLOGON_GUEST
0: NETLOGON_NOENCRYPTION
0: NETLOGON_CACHED_ACCOUNT
0: NETLOGON_USED_LM_PASSWORD
1: NETLOGON_EXTRA_SIDS
0: NETLOGON_SUBAUTH_SESSION_KEY
0: NETLOGON_SERVER_TRUST_ACCOUNT
0: NETLOGON_NTLMV2_ENABLED
1: NETLOGON_RESOURCE_GROUPS
0: NETLOGON_PROFILE_PATH_RETURNED
0: NETLOGON_GRACE_LOGON
key: struct netr_UserSessionKey
key : 00000000000000000000000000000000
logon_server: struct lsa_StringLarge
length : 0x000a (10)
size : 0x000c (12)
string : *
string : 'L1DC1'
logon_domain: struct lsa_StringLarge
length : 0x000c (12)
size : 0x000e (14)
string : *
string : 'LEVEL1'
domain_sid : *
domain_sid : S-1-5-21-2999458101-3634337955-1355572417
LMSessKey: struct netr_LMSessionKey
key : 0000000000000000
acct_flags : 0x00000010 (16)
0: ACB_DISABLED
0: ACB_HOMDIRREQ
0: ACB_PWNOTREQ
0: ACB_TEMPDUP
1: ACB_NORMAL
0: ACB_MNS
0: ACB_DOMTRUST
0: ACB_WSTRUST
0: ACB_SVRTRUST
0: ACB_PWNOEXP
0: ACB_AUTOLOCK
0: ACB_ENC_TXT_PWD_ALLOWED
0: ACB_SMARTCARD_REQUIRED
0: ACB_TRUSTED_FOR_DELEGATION
0: ACB_NOT_DELEGATED
0: ACB_USE_DES_KEY_ONLY
0: ACB_DONT_REQUIRE_PREAUTH
0: ACB_PW_EXPIRED
0: ACB_TRUSTED_TO_AUTHENTICATE_FOR_DELEGATION
0: ACB_NO_AUTH_DATA_REQD
0: ACB_PARTIAL_SECRETS_ACCOUNT
0: ACB_USE_AES_KEYS
sub_auth_status : 0x00000000 (0)
last_successful_logon : NTTIME(0)
last_failed_logon : NTTIME(0)
failed_logon_count : 0x00000000 (0)
reserved : 0x00000000 (0)
sidcount : 0x00000001 (1)
sids : *
sids: ARRAY(1)
sids: struct netr_SidAttr
sid : *
sid : S-1-18-1
attributes : 0x00000007 (7)
1: SE_GROUP_MANDATORY
1: SE_GROUP_ENABLED_BY_DEFAULT
1: SE_GROUP_ENABLED
0: SE_GROUP_OWNER
0: SE_GROUP_USE_FOR_DENY_ONLY
0: SE_GROUP_RESOURCE
0x00: SE_GROUP_LOGON_ID (0)
[2014/03/19 16:57:13.984951, 3, pid=24712, effective(0, 0), real(0, 0)] ../source3/param/loadparm.c:4576(lp_load_ex)
lp_load_ex: refreshing parameters
[2014/03/19 16:57:13.985050, 5, pid=24712, effective(0, 0), real(0, 0)] ../source3/param/loadparm.c:1486(free_param_opts)
Freeing parametrics:
[2014/03/19 16:57:13.985162, 3, pid=24712, effective(0, 0), real(0, 0)] ../source3/param/loadparm.c:717(init_globals)
Initialising global parameters
[2014/03/19 16:57:13.985312, 3, pid=24712, effective(0, 0), real(0, 0)] ../lib/util/params.c:550(pm_process)
params.c:pm_process() - Processing configuration file "/etc/samba/smb.conf"
[2014/03/19 16:57:13.985357, 3, pid=24712, effective(0, 0), real(0, 0)] ../source3/param/loadparm.c:3396(do_section)
Processing section "[global]"
doing parameter workgroup = LEVEL1
doing parameter realm = LEVEL1.DISCWORLD.SITE
doing parameter security = ads
doing parameter map to guest = Bad User
doing parameter logon path = \\%L\profiles\.msprofile
doing parameter logon home = \\%L\%U\.9xprofile
doing parameter logon drive = P:
doing parameter usershare allow guests = Yes
doing parameter log file = /var/log/samba/log.%m
doing parameter max log size = 0
doing parameter log level = 10
[2014/03/19 16:57:13.985702, 5, pid=24712, effective(0, 0), real(0, 0)] ../lib/util/debug.c:334(debug_dump_status)
INFO: Current debug levels:
all: 10
tdb: 10
printdrivers: 10
lanman: 10
smb: 10
rpc_parse: 10
rpc_srv: 10
rpc_cli: 10
passdb: 10
sam: 10
auth: 10
winbind: 10
vfs: 10
idmap: 10
quota: 10
acls: 10
locking: 10
msdfs: 10
dmapi: 10
registry: 10
scavenger: 10
dns: 10
ldb: 10
doing parameter debug pid = yes
doing parameter passdb backend = tdbsam
doing parameter idmap config * : range = 1000000-1999999
doing parameter idmap config LEVEL1 : backend = rid
doing parameter idmap config LEVEL1 : range = 100000000-199999999
doing parameter client use spnego = yes
doing parameter client ldap sasl wrapping = seal
doing parameter create krb5 conf = no
doing parameter template shell = /bin/bash
doing parameter winbind cache time = 5400
doing parameter winbind enum users = true
doing parameter winbind enum groups = true
doing parameter winbind offline logon = false
doing parameter winbind normalize names = false
doing parameter winbind refresh tickets = true
doing parameter winbind use default domain = false
doing parameter winbind separator = +
[2014/03/19 16:57:13.986800, 2, pid=24712, effective(0, 0), real(0, 0)] ../source3/param/loadparm.c:3413(do_section)
Processing section "[homes]"
doing parameter comment = Home Directories
doing parameter valid users = %S, %D%w%S
doing parameter browseable = No
doing parameter read only = No
doing parameter inherit acls = Yes
[2014/03/19 16:57:13.987126, 2, pid=24712, effective(0, 0), real(0, 0)] ../source3/param/loadparm.c:3413(do_section)
Processing section "[profiles]"
doing parameter comment = Network Profiles Service
doing parameter path = %H
doing parameter read only = No
doing parameter store dos attributes = Yes
doing parameter create mask = 0600
doing parameter directory mask = 0700
[2014/03/19 16:57:13.987347, 2, pid=24712, effective(0, 0), real(0, 0)] ../source3/param/loadparm.c:3413(do_section)
Processing section "[users]"
doing parameter comment = All users
doing parameter path = /home
doing parameter read only = No
doing parameter inherit acls = Yes
doing parameter veto files = /aquota.user/groups/shares/
[2014/03/19 16:57:13.987548, 2, pid=24712, effective(0, 0), real(0, 0)] ../source3/param/loadparm.c:3413(do_section)
Processing section "[groups]"
doing parameter comment = All groups
doing parameter path = /home/groups
doing parameter read only = No
doing parameter inherit acls = Yes
[2014/03/19 16:57:13.987691, 2, pid=24712, effective(0, 0), real(0, 0)] ../source3/param/loadparm.c:3413(do_section)
Processing section "[printers]"
doing parameter comment = All Printers
doing parameter path = /var/spool/samba
doing parameter printable = Yes
doing parameter create mask = 0600
doing parameter browseable = No
[2014/03/19 16:57:13.987922, 2, pid=24712, effective(0, 0), real(0, 0)] ../source3/param/loadparm.c:3413(do_section)
Processing section "[print$]"
doing parameter comment = Printer Drivers
doing parameter path = /var/lib/samba/drivers
doing parameter write list = @ntadmin root
doing parameter force group = ntadmin
doing parameter create mask = 0664
doing parameter directory mask = 0775
[2014/03/19 16:57:13.988108, 2, pid=24712, effective(0, 0), real(0, 0)] ../source3/param/loadparm.c:3413(do_section)
Processing section "[pdfprinter]"
doing parameter comment = Samba PDF Generator
doing parameter path = /var/spool/samba
doing parameter printable = Yes
doing parameter lpq command =
doing parameter lprm command =
doing parameter print command = /usr/local/bin/pdfprint.sh --spoolfile=%s --dropbox=%H/printpdf --user=%U --group=%G --machine=%m --ipaddr %I
doing parameter printer driver = HP Universial Printing PS
[2014/03/19 16:57:13.988379, 0, pid=24712, effective(0, 0), real(0, 0)] ../lib/param/loadparm.c:775(lpcfg_map_parameter)
Unknown parameter encountered: "printer driver"
[2014/03/19 16:57:13.988486, 0, pid=24712, effective(0, 0), real(0, 0)] ../source3/param/loadparm.c:3107(lp_do_parameter)
Ignoring unknown parameter "printer driver"
[2014/03/19 16:57:13.988570, 4, pid=24712, effective(0, 0), real(0, 0)] ../source3/param/loadparm.c:4615(lp_load_ex)
pm_process() returned Yes
[2014/03/19 16:57:13.988627, 3, pid=24712, effective(0, 0), real(0, 0)] ../source3/param/loadparm.c:1750(lp_add_ipc)
adding IPC service
[2014/03/19 16:57:13.988753, 5, pid=24712, effective(0, 0), real(0, 0)] ../source3/lib/username.c:181(Get_Pwnam_alloc)
Finding user LEVEL1+administrator
[2014/03/19 16:57:13.988790, 5, pid=24712, effective(0, 0), real(0, 0)] ../source3/lib/username.c:120(Get_Pwnam_internals)
Trying _Get_Pwnam(), username as lowercase is level1+administrator
[2014/03/19 16:57:13.988834, 5, pid=24712, effective(0, 0), real(0, 0)] ../source3/lib/username.c:159(Get_Pwnam_internals)
Get_Pwnam_internals did find user [LEVEL1+administrator]!
[2014/03/19 16:57:13.990297, 10, pid=24712, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:224(create_local_nt_token_from_info3)
Create local NT token for Administrator
[2014/03/19 16:57:13.990381, 10, pid=24712, effective(0, 0), real(0, 0)] ../source3/lib/idmap_cache.c:56(idmap_cache_find_sid2unixid)
Parsing value for key [IDMAP/SID2XID/S-1-5-32-544]: value=[1000000:G]
[2014/03/19 16:57:13.990423, 10, pid=24712, effective(0, 0), real(0, 0)] ../source3/lib/idmap_cache.c:75(idmap_cache_find_sid2unixid)
Parsing value for key [IDMAP/SID2XID/S-1-5-32-544]: id=[1000000], endptr=[:G]
[2014/03/19 16:57:13.990467, 10, pid=24712, effective(0, 0), real(0, 0)] ../source3/passdb/lookup_sid.c:1447(sid_to_gid)
sid S-1-5-32-544 -> gid 1000000
[2014/03/19 16:57:13.990525, 10, pid=24712, effective(0, 0), real(0, 0)] ../source3/lib/idmap_cache.c:56(idmap_cache_find_sid2unixid)
Parsing value for key [IDMAP/SID2XID/S-1-5-32-545]: value=[1000001:G]
[2014/03/19 16:57:13.990560, 10, pid=24712, effective(0, 0), real(0, 0)] ../source3/lib/idmap_cache.c:75(idmap_cache_find_sid2unixid)
Parsing value for key [IDMAP/SID2XID/S-1-5-32-545]: id=[1000001], endptr=[:G]
[2014/03/19 16:57:13.990602, 10, pid=24712, effective(0, 0), real(0, 0)] ../source3/passdb/lookup_sid.c:1447(sid_to_gid)
sid S-1-5-32-545 -> gid 1000001
[2014/03/19 16:57:13.990638, 4, pid=24712, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:216(push_sec_ctx)
push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
[2014/03/19 16:57:13.990696, 4, pid=24712, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:491(push_conn_ctx)
push_conn_ctx(0) : conn_ctx_stack_ndx = 0
[2014/03/19 16:57:13.990730, 4, pid=24712, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:316(set_sec_ctx)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2014/03/19 16:57:13.990772, 5, pid=24712, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug)
Security token: (NULL)
[2014/03/19 16:57:13.990803, 5, pid=24712, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:528(debug_unix_user_token)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
[2014/03/19 16:57:13.990985, 4, pid=24712, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:424(pop_sec_ctx)
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
[2014/03/19 16:57:13.991107, 4, pid=24712, effective(0, 0), real(0, 0)] ../source3/lib/privileges.c:98(get_privileges)
get_privileges: No privileges assigned to SID [S-1-5-21-2999458101-3634337955-1355572417-500]
[2014/03/19 16:57:13.991150, 4, pid=24712, effective(0, 0), real(0, 0)] ../source3/lib/privileges.c:98(get_privileges)
get_privileges: No privileges assigned to SID [S-1-5-21-2999458101-3634337955-1355572417-513]
[2014/03/19 16:57:13.991202, 4, pid=24712, effective(0, 0), real(0, 0)] ../source3/lib/privileges.c:98(get_privileges)
get_privileges: No privileges assigned to SID [S-1-5-21-2999458101-3634337955-1355572417-520]
[2014/03/19 16:57:13.991242, 4, pid=24712, effective(0, 0), real(0, 0)] ../source3/lib/privileges.c:98(get_privileges)
get_privileges: No privileges assigned to SID [S-1-5-21-2999458101-3634337955-1355572417-512]
[2014/03/19 16:57:13.991279, 4, pid=24712, effective(0, 0), real(0, 0)] ../source3/lib/privileges.c:98(get_privileges)
get_privileges: No privileges assigned to SID [S-1-18-1]
[2014/03/19 16:57:13.991326, 5, pid=24712, effective(0, 0), real(0, 0)] ../source3/lib/privileges.c:176(get_privileges_for_sids)
get_privileges_for_sids: sid = S-1-1-0
Privilege set: 0x0
[2014/03/19 16:57:13.991373, 4, pid=24712, effective(0, 0), real(0, 0)] ../source3/lib/privileges.c:98(get_privileges)
get_privileges: No privileges assigned to SID [S-1-5-2]
[2014/03/19 16:57:13.991423, 4, pid=24712, effective(0, 0), real(0, 0)] ../source3/lib/privileges.c:98(get_privileges)
get_privileges: No privileges assigned to SID [S-1-5-11]
[2014/03/19 16:57:13.991461, 4, pid=24712, effective(0, 0), real(0, 0)] ../source3/lib/privileges.c:98(get_privileges)
get_privileges: No privileges assigned to SID [S-1-5-32-545]
[2014/03/19 16:57:13.991509, 5, pid=24712, effective(0, 0), real(0, 0)] ../source3/lib/privileges.c:176(get_privileges_for_sids)
get_privileges_for_sids: sid = S-1-5-32-544
Privilege set: 0x1ffffff0
[2014/03/19 16:57:13.991577, 10, pid=24712, effective(0, 0), real(0, 0)] ../source3/lib/idmap_cache.c:56(idmap_cache_find_sid2unixid)
Parsing value for key [IDMAP/SID2XID/S-1-5-21-2999458101-3634337955-1355572417-500]: value=[100000500:B]
[2014/03/19 16:57:13.991627, 10, pid=24712, effective(0, 0), real(0, 0)] ../source3/lib/idmap_cache.c:75(idmap_cache_find_sid2unixid)
Parsing value for key [IDMAP/SID2XID/S-1-5-21-2999458101-3634337955-1355572417-500]: id=[100000500], endptr=[:B]
[2014/03/19 16:57:13.991689, 10, pid=24712, effective(0, 0), real(0, 0)] ../source3/lib/idmap_cache.c:56(idmap_cache_find_sid2unixid)
Parsing value for key [IDMAP/SID2XID/S-1-5-21-2999458101-3634337955-1355572417-513]: value=[100000513:B]
[2014/03/19 16:57:13.991732, 10, pid=24712, effective(0, 0), real(0, 0)] ../source3/lib/idmap_cache.c:75(idmap_cache_find_sid2unixid)
Parsing value for key [IDMAP/SID2XID/S-1-5-21-2999458101-3634337955-1355572417-513]: id=[100000513], endptr=[:B]
[2014/03/19 16:57:13.991786, 10, pid=24712, effective(0, 0), real(0, 0)] ../source3/lib/idmap_cache.c:56(idmap_cache_find_sid2unixid)
Parsing value for key [IDMAP/SID2XID/S-1-5-21-2999458101-3634337955-1355572417-520]: value=[100000520:B]
[2014/03/19 16:57:13.991820, 10, pid=24712, effective(0, 0), real(0, 0)] ../source3/lib/idmap_cache.c:75(idmap_cache_find_sid2unixid)
Parsing value for key [IDMAP/SID2XID/S-1-5-21-2999458101-3634337955-1355572417-520]: id=[100000520], endptr=[:B]
[2014/03/19 16:57:13.991873, 10, pid=24712, effective(0, 0), real(0, 0)] ../source3/lib/idmap_cache.c:56(idmap_cache_find_sid2unixid)
Parsing value for key [IDMAP/SID2XID/S-1-5-21-2999458101-3634337955-1355572417-512]: value=[100000512:B]
[2014/03/19 16:57:13.991906, 10, pid=24712, effective(0, 0), real(0, 0)] ../source3/lib/idmap_cache.c:75(idmap_cache_find_sid2unixid)
Parsing value for key [IDMAP/SID2XID/S-1-5-21-2999458101-3634337955-1355572417-512]: id=[100000512], endptr=[:B]
[2014/03/19 16:57:13.991958, 10, pid=24712, effective(0, 0), real(0, 0)] ../source3/lib/idmap_cache.c:56(idmap_cache_find_sid2unixid)
Parsing value for key [IDMAP/SID2XID/S-1-18-1]: value=[1000008:G]
[2014/03/19 16:57:13.992046, 10, pid=24712, effective(0, 0), real(0, 0)] ../source3/lib/idmap_cache.c:75(idmap_cache_find_sid2unixid)
Parsing value for key [IDMAP/SID2XID/S-1-18-1]: id=[1000008], endptr=[:G]
[2014/03/19 16:57:13.992109, 10, pid=24712, effective(0, 0), real(0, 0)] ../source3/lib/idmap_cache.c:56(idmap_cache_find_sid2unixid)
Parsing value for key [IDMAP/SID2XID/S-1-1-0]: value=[1000002:G]
[2014/03/19 16:57:13.992154, 10, pid=24712, effective(0, 0), real(0, 0)] ../source3/lib/idmap_cache.c:75(idmap_cache_find_sid2unixid)
Parsing value for key [IDMAP/SID2XID/S-1-1-0]: id=[1000002], endptr=[:G]
[2014/03/19 16:57:13.992195, 10, pid=24712, effective(0, 0), real(0, 0)] ../source3/lib/idmap_cache.c:56(idmap_cache_find_sid2unixid)
Parsing value for key [IDMAP/SID2XID/S-1-5-2]: value=[1000003:G]
[2014/03/19 16:57:13.992240, 10, pid=24712, effective(0, 0), real(0, 0)] ../source3/lib/idmap_cache.c:75(idmap_cache_find_sid2unixid)
Parsing value for key [IDMAP/SID2XID/S-1-5-2]: id=[1000003], endptr=[:G]
[2014/03/19 16:57:13.992280, 10, pid=24712, effective(0, 0), real(0, 0)] ../source3/lib/idmap_cache.c:56(idmap_cache_find_sid2unixid)
Parsing value for key [IDMAP/SID2XID/S-1-5-11]: value=[1000009:G]
[2014/03/19 16:57:13.992322, 10, pid=24712, effective(0, 0), real(0, 0)] ../source3/lib/idmap_cache.c:75(idmap_cache_find_sid2unixid)
Parsing value for key [IDMAP/SID2XID/S-1-5-11]: id=[1000009], endptr=[:G]
[2014/03/19 16:57:13.992378, 10, pid=24712, effective(0, 0), real(0, 0)] ../source3/lib/idmap_cache.c:56(idmap_cache_find_sid2unixid)
Parsing value for key [IDMAP/SID2XID/S-1-5-32-545]: value=[1000001:G]
[2014/03/19 16:57:13.992412, 10, pid=24712, effective(0, 0), real(0, 0)] ../source3/lib/idmap_cache.c:75(idmap_cache_find_sid2unixid)
Parsing value for key [IDMAP/SID2XID/S-1-5-32-545]: id=[1000001], endptr=[:G]
[2014/03/19 16:57:13.992463, 10, pid=24712, effective(0, 0), real(0, 0)] ../source3/lib/idmap_cache.c:56(idmap_cache_find_sid2unixid)
Parsing value for key [IDMAP/SID2XID/S-1-5-32-544]: value=[1000000:G]
[2014/03/19 16:57:13.992506, 10, pid=24712, effective(0, 0), real(0, 0)] ../source3/lib/idmap_cache.c:75(idmap_cache_find_sid2unixid)
Parsing value for key [IDMAP/SID2XID/S-1-5-32-544]: id=[1000000], endptr=[:G]
[2014/03/19 16:57:13.992560, 10, pid=24712, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:63(security_token_debug)
Security token SIDs (21):
SID[ 0]: S-1-5-21-2999458101-3634337955-1355572417-500
SID[ 1]: S-1-5-21-2999458101-3634337955-1355572417-513
SID[ 2]: S-1-5-21-2999458101-3634337955-1355572417-520
SID[ 3]: S-1-5-21-2999458101-3634337955-1355572417-512
SID[ 4]: S-1-18-1
SID[ 5]: S-1-1-0
SID[ 6]: S-1-5-2
SID[ 7]: S-1-5-11
SID[ 8]: S-1-5-32-545
SID[ 9]: S-1-5-32-544
SID[ 10]: S-1-22-1-100000500
SID[ 11]: S-1-22-2-100000500
SID[ 12]: S-1-22-2-100000513
SID[ 13]: S-1-22-2-100000520
SID[ 14]: S-1-22-2-100000512
SID[ 15]: S-1-22-2-1000008
SID[ 16]: S-1-22-2-1000002
SID[ 17]: S-1-22-2-1000003
SID[ 18]: S-1-22-2-1000009
SID[ 19]: S-1-22-2-1000001
SID[ 20]: S-1-22-2-1000000
Privileges (0x 1FFFFFF0):
Privilege[ 0]: SeMachineAccountPrivilege
Privilege[ 1]: SeTakeOwnershipPrivilege
Privilege[ 2]: SeBackupPrivilege
Privilege[ 3]: SeRestorePrivilege
Privilege[ 4]: SeRemoteShutdownPrivilege
Privilege[ 5]: SePrintOperatorPrivilege
Privilege[ 6]: SeAddUsersPrivilege
Privilege[ 7]: SeDiskOperatorPrivilege
Privilege[ 8]: SeSecurityPrivilege
Privilege[ 9]: SeSystemtimePrivilege
Privilege[ 10]: SeShutdownPrivilege
Privilege[ 11]: SeDebugPrivilege
Privilege[ 12]: SeSystemEnvironmentPrivilege
Privilege[ 13]: SeSystemProfilePrivilege
Privilege[ 14]: SeProfileSingleProcessPrivilege
Privilege[ 15]: SeIncreaseBasePriorityPrivilege
Privilege[ 16]: SeLoadDriverPrivilege
Privilege[ 17]: SeCreatePagefilePrivilege
Privilege[ 18]: SeIncreaseQuotaPrivilege
Privilege[ 19]: SeChangeNotifyPrivilege
Privilege[ 20]: SeUndockPrivilege
Privilege[ 21]: SeManageVolumePrivilege
Privilege[ 22]: SeImpersonatePrivilege
Privilege[ 23]: SeCreateGlobalPrivilege
Privilege[ 24]: SeEnableDelegationPrivilege
Rights (0x 0):
[2014/03/19 16:57:13.993222, 10, pid=24712, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:528(debug_unix_user_token)
UNIX token of user 100000500
Primary group is 100000513 and contains 10 supplementary groups
Group[ 0]: 100000500
Group[ 1]: 100000513
Group[ 2]: 100000520
Group[ 3]: 100000512
Group[ 4]: 1000008
Group[ 5]: 1000002
Group[ 6]: 1000003
Group[ 7]: 1000009
Group[ 8]: 1000001
Group[ 9]: 1000000
[2014/03/19 16:57:13.993388, 5, pid=24712, effective(0, 0), real(0, 0)] ../source3/auth/auth_generic.c:126(auth3_generate_session_info_pac)
../source3/auth/auth_generic.c:126OK: user: Administrator domain: LEVEL1 client: 192.168.100.137
[2014/03/19 16:57:13.993509, 5, pid=24712, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:178(dbwrap_check_lock_order)
check lock order 1 for /var/lib/samba/smbXsrv_session_global.tdb
[2014/03/19 16:57:13.993559, 10, pid=24712, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order)
lock order: 1:/var/lib/samba/smbXsrv_session_global.tdb 2:<none> 3:<none>
[2014/03/19 16:57:13.993593, 10, pid=24712, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key)
Locking key 7439DE9B
[2014/03/19 16:57:13.993653, 10, pid=24712, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:143(db_tdb_fetch_locked_internal)
Allocated locked data 0x0x7f5de5848b90
[2014/03/19 16:57:13.993691, 10, pid=24712, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key)
Unlocking key 7439DE9B
[2014/03/19 16:57:13.993725, 5, pid=24712, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:146(dbwrap_lock_order_state_destructor)
release lock order 1 for /var/lib/samba/smbXsrv_session_global.tdb
[2014/03/19 16:57:13.993756, 10, pid=24712, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order)
lock order: 1:<none> 2:<none> 3:<none>
[2014/03/19 16:57:13.993841, 7, pid=24712, effective(0, 0), real(0, 0)] ../source3/param/loadparm.c:4905(lp_servicenumber)
lp_servicenumber: couldn't find LEVEL1+administrator
[2014/03/19 16:57:13.993880, 5, pid=24712, effective(0, 0), real(0, 0)] ../source3/lib/username.c:181(Get_Pwnam_alloc)
Finding user LEVEL1+administrator
[2014/03/19 16:57:13.993912, 5, pid=24712, effective(0, 0), real(0, 0)] ../source3/lib/username.c:120(Get_Pwnam_internals)
Trying _Get_Pwnam(), username as lowercase is level1+administrator
[2014/03/19 16:57:13.993956, 5, pid=24712, effective(0, 0), real(0, 0)] ../source3/lib/username.c:159(Get_Pwnam_internals)
Get_Pwnam_internals did find user [LEVEL1+administrator]!
[2014/03/19 16:57:13.993987, 3, pid=24712, effective(0, 0), real(0, 0)] ../source3/smbd/password.c:144(register_homes_share)
Adding homes service for user 'LEVEL1+administrator' using home directory: '/home/%D/%U'
[2014/03/19 16:57:13.994148, 8, pid=24712, effective(0, 0), real(0, 0)] ../source3/param/loadparm.c:1596(add_a_service)
add_a_service: Creating snum = 8 for administrator
[2014/03/19 16:57:13.994185, 10, pid=24712, effective(0, 0), real(0, 0)] ../source3/param/loadparm.c:1646(hash_a_service)
hash_a_service: hashing index 8 for service name administrator
[2014/03/19 16:57:13.994231, 3, pid=24712, effective(0, 0), real(0, 0)] ../source3/param/loadparm.c:1702(lp_add_home)
adding home's share [administrator] for user 'LEVEL1+administrator' at '/home/%D/%U'
[2014/03/19 16:57:13.994298, 6, pid=24712, effective(0, 0), real(0, 0)] ../source3/param/loadparm.c:2609(lp_file_list_changed)
lp_file_list_changed()
file /etc/samba/smb.conf -> /etc/samba/smb.conf last mod_time: Wed Mar 19 16:06:44 2014
[2014/03/19 16:57:13.994393, 5, pid=24712, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:178(dbwrap_check_lock_order)
check lock order 1 for /var/lib/samba/smbXsrv_session_global.tdb
[2014/03/19 16:57:13.994429, 10, pid=24712, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order)
lock order: 1:/var/lib/samba/smbXsrv_session_global.tdb 2:<none> 3:<none>
[2014/03/19 16:57:13.994473, 10, pid=24712, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key)
Locking key FE74F04B
[2014/03/19 16:57:13.994519, 10, pid=24712, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:143(db_tdb_fetch_locked_internal)
Allocated locked data 0x0x7f5de586bec0
[2014/03/19 16:57:13.994617, 10, pid=24712, effective(0, 0), real(0, 0)] ../source3/smbd/smbXsrv_session.c:844(smbXsrv_session_global_store)
[2014/03/19 16:57:13.994658, 10, pid=24712, effective(0, 0), real(0, 0)] ../source3/smbd/smbXsrv_session.c:846(smbXsrv_session_global_store)
smbXsrv_session_global_store: key 'FE74F04B' stored
[2014/03/19 16:57:13.994693, 1, pid=24712, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:402(ndr_print_debug)
&global_blob: struct smbXsrv_session_globalB
version : SMBXSRV_VERSION_0 (0)
seqnum : 0x00000002 (2)
info : union smbXsrv_session_globalU(case 0)
info0 : *
info0: struct smbXsrv_session_global0
db_rec : *
session_global_id : 0xfe74f04b (4269076555)
session_wire_id : 0x00000000fe74f04b (4269076555)
creation_time : Wed Mar 19 04:57:14 PM 2014 CET
expiration_time : Wed Mar 19 07:33:23 PM 2014 CET
auth_session_info_seqnum : 0x00000001 (1)
auth_session_info : *
auth_session_info: struct auth_session_info
security_token : *
security_token: struct security_token
num_sids : 0x00000015 (21)
sids: ARRAY(21)
sids : S-1-5-21-2999458101-3634337955-1355572417-500
sids : S-1-5-21-2999458101-3634337955-1355572417-513
sids : S-1-5-21-2999458101-3634337955-1355572417-520
sids : S-1-5-21-2999458101-3634337955-1355572417-512
sids : S-1-18-1
sids : S-1-1-0
sids : S-1-5-2
sids : S-1-5-11
sids : S-1-5-32-545
sids : S-1-5-32-544
sids : S-1-22-1-100000500
sids : S-1-22-2-100000500
sids : S-1-22-2-100000513
sids : S-1-22-2-100000520
sids : S-1-22-2-100000512
sids : S-1-22-2-1000008
sids : S-1-22-2-1000002
sids : S-1-22-2-1000003
sids : S-1-22-2-1000009
sids : S-1-22-2-1000001
sids : S-1-22-2-1000000
privilege_mask : 0x000000001ffffff0 (536870896)
1: SEC_PRIV_MACHINE_ACCOUNT_BIT
1: SEC_PRIV_PRINT_OPERATOR_BIT
1: SEC_PRIV_ADD_USERS_BIT
1: SEC_PRIV_DISK_OPERATOR_BIT
1: SEC_PRIV_REMOTE_SHUTDOWN_BIT
1: SEC_PRIV_BACKUP_BIT
1: SEC_PRIV_RESTORE_BIT
1: SEC_PRIV_TAKE_OWNERSHIP_BIT
1: SEC_PRIV_INCREASE_QUOTA_BIT
1: SEC_PRIV_SECURITY_BIT
1: SEC_PRIV_LOAD_DRIVER_BIT
1: SEC_PRIV_SYSTEM_PROFILE_BIT
1: SEC_PRIV_SYSTEMTIME_BIT
1: SEC_PRIV_PROFILE_SINGLE_PROCESS_BIT
1: SEC_PRIV_INCREASE_BASE_PRIORITY_BIT
1: SEC_PRIV_CREATE_PAGEFILE_BIT
1: SEC_PRIV_SHUTDOWN_BIT
1: SEC_PRIV_DEBUG_BIT
1: SEC_PRIV_SYSTEM_ENVIRONMENT_BIT
1: SEC_PRIV_CHANGE_NOTIFY_BIT
1: SEC_PRIV_UNDOCK_BIT
1: SEC_PRIV_ENABLE_DELEGATION_BIT
1: SEC_PRIV_MANAGE_VOLUME_BIT
1: SEC_PRIV_IMPERSONATE_BIT
1: SEC_PRIV_CREATE_GLOBAL_BIT
rights_mask : 0x00000000 (0)
0: LSA_POLICY_MODE_INTERACTIVE
0: LSA_POLICY_MODE_NETWORK
0: LSA_POLICY_MODE_BATCH
0: LSA_POLICY_MODE_SERVICE
0: LSA_POLICY_MODE_PROXY
0: LSA_POLICY_MODE_DENY_INTERACTIVE
0: LSA_POLICY_MODE_DENY_NETWORK
0: LSA_POLICY_MODE_DENY_BATCH
0: LSA_POLICY_MODE_DENY_SERVICE
0: LSA_POLICY_MODE_REMOTE_INTERACTIVE
0: LSA_POLICY_MODE_DENY_REMOTE_INTERACTIVE
0x00: LSA_POLICY_MODE_ALL (0)
0x00: LSA_POLICY_MODE_ALL_NT4 (0)
unix_token : *
unix_token: struct security_unix_token
uid : 0x0000000005f5e2f4 (100000500)
gid : 0x0000000005f5e301 (100000513)
ngroups : 0x0000000a (10)
groups: ARRAY(10)
groups : 0x0000000005f5e2f4 (100000500)
groups : 0x0000000005f5e301 (100000513)
groups : 0x0000000005f5e308 (100000520)
groups : 0x0000000005f5e300 (100000512)
groups : 0x00000000000f4248 (1000008)
groups : 0x00000000000f4242 (1000002)
groups : 0x00000000000f4243 (1000003)
groups : 0x00000000000f4249 (1000009)
groups : 0x00000000000f4241 (1000001)
groups : 0x00000000000f4240 (1000000)
info : *
info: struct auth_user_info
account_name : *
account_name : 'Administrator'
domain_name : *
domain_name : 'LEVEL1'
full_name : *
full_name : ''
logon_script : *
logon_script : ''
profile_path : *
profile_path : ''
home_directory : *
home_directory : ''
home_drive : *
home_drive : ''
logon_server : *
logon_server : 'L1DC1'
last_logon : Tue Mar 18 08:06:51 AM 2014 CET
last_logoff : Thu Sep 14 04:48:05 AM 30828 CEST
acct_expiry : Thu Sep 14 04:48:05 AM 30828 CEST
last_password_change : Tue Oct 29 06:04:27 PM 2013 CET
allow_password_change : Tue Oct 29 06:04:27 PM 2013 CET
force_password_change : Thu Sep 14 04:48:05 AM 30828 CEST
logon_count : 0x00b9 (185)
bad_password_count : 0x0000 (0)
acct_flags : 0x00000010 (16)
authenticated : 0x01 (1)
unix_info : *
unix_info: struct auth_user_info_unix
unix_name : *
unix_name : 'LEVEL1+administrator'
sanitized_username : *
sanitized_username : 'Administrator'
torture : NULL
credentials : NULL
connection_dialect : 0x0210 (528)
signing_required : 0x00 (0)
encryption_required : 0x00 (0)
num_channels : 0x00000001 (1)
channels: ARRAY(1)
channels: struct smbXsrv_channel_global0
server_id: struct server_id
pid : 0x0000000000006088 (24712)
task_id : 0x00000000 (0)
vnn : 0xffffffff (4294967295)
unique_id : 0xbaf687627b33e8dd (-4974639881340589859)
local_address : 'ipv4:192.168.100.197:445'
remote_address : 'ipv4:192.168.100.137:55326'
remote_name : '192.168.100.137'
auth_session_info_seqnum : 0x00000001 (1)
[2014/03/19 16:57:13.998641, 10, pid=24712, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key)
Unlocking key FE74F04B
[2014/03/19 16:57:13.998678, 5, pid=24712, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:146(dbwrap_lock_order_state_destructor)
release lock order 1 for /var/lib/samba/smbXsrv_session_global.tdb
[2014/03/19 16:57:13.998719, 10, pid=24712, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order)
lock order: 1:<none> 2:<none> 3:<none>
[2014/03/19 16:57:13.998750, 10, pid=24712, effective(0, 0), real(0, 0)] ../source3/smbd/smbXsrv_session.c:1260(smbXsrv_session_update)
[2014/03/19 16:57:13.998770, 10, pid=24712, effective(0, 0), real(0, 0)] ../source3/smbd/smbXsrv_session.c:1268(smbXsrv_session_update)
smbXsrv_session_update: global_id (0xfe74f04b) stored
[2014/03/19 16:57:13.998808, 1, pid=24712, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:402(ndr_print_debug)
&session_blob: struct smbXsrv_sessionB
version : SMBXSRV_VERSION_0 (0)
reserved : 0x00000000 (0)
info : union smbXsrv_sessionU(case 0)
info0 : *
info0: struct smbXsrv_session
table : *
db_rec : NULL
connection : *
local_id : 0xfe74f04b (4269076555)
global : *
global: struct smbXsrv_session_global0
db_rec : NULL
session_global_id : 0xfe74f04b (4269076555)
session_wire_id : 0x00000000fe74f04b (4269076555)
creation_time : Wed Mar 19 04:57:14 PM 2014 CET
expiration_time : Wed Mar 19 07:33:23 PM 2014 CET
auth_session_info_seqnum : 0x00000001 (1)
auth_session_info : *
auth_session_info: struct auth_session_info
security_token : *
security_token: struct security_token
num_sids : 0x00000015 (21)
sids: ARRAY(21)
sids : S-1-5-21-2999458101-3634337955-1355572417-500
sids : S-1-5-21-2999458101-3634337955-1355572417-513
sids : S-1-5-21-2999458101-3634337955-1355572417-520
sids : S-1-5-21-2999458101-3634337955-1355572417-512
sids : S-1-18-1
sids : S-1-1-0
sids : S-1-5-2
sids : S-1-5-11
sids : S-1-5-32-545
sids : S-1-5-32-544
sids : S-1-22-1-100000500
sids : S-1-22-2-100000500
sids : S-1-22-2-100000513
sids : S-1-22-2-100000520
sids : S-1-22-2-100000512
sids : S-1-22-2-1000008
sids : S-1-22-2-1000002
sids : S-1-22-2-1000003
sids : S-1-22-2-1000009
sids : S-1-22-2-1000001
sids : S-1-22-2-1000000
privilege_mask : 0x000000001ffffff0 (536870896)
1: SEC_PRIV_MACHINE_ACCOUNT_BIT
1: SEC_PRIV_PRINT_OPERATOR_BIT
1: SEC_PRIV_ADD_USERS_BIT
1: SEC_PRIV_DISK_OPERATOR_BIT
1: SEC_PRIV_REMOTE_SHUTDOWN_BIT
1: SEC_PRIV_BACKUP_BIT
1: SEC_PRIV_RESTORE_BIT
1: SEC_PRIV_TAKE_OWNERSHIP_BIT
1: SEC_PRIV_INCREASE_QUOTA_BIT
1: SEC_PRIV_SECURITY_BIT
1: SEC_PRIV_LOAD_DRIVER_BIT
1: SEC_PRIV_SYSTEM_PROFILE_BIT
1: SEC_PRIV_SYSTEMTIME_BIT
1: SEC_PRIV_PROFILE_SINGLE_PROCESS_BIT
1: SEC_PRIV_INCREASE_BASE_PRIORITY_BIT
1: SEC_PRIV_CREATE_PAGEFILE_BIT
1: SEC_PRIV_SHUTDOWN_BIT
1: SEC_PRIV_DEBUG_BIT
1: SEC_PRIV_SYSTEM_ENVIRONMENT_BIT
1: SEC_PRIV_CHANGE_NOTIFY_BIT
1: SEC_PRIV_UNDOCK_BIT
1: SEC_PRIV_ENABLE_DELEGATION_BIT
1: SEC_PRIV_MANAGE_VOLUME_BIT
1: SEC_PRIV_IMPERSONATE_BIT
1: SEC_PRIV_CREATE_GLOBAL_BIT
rights_mask : 0x00000000 (0)
0: LSA_POLICY_MODE_INTERACTIVE
0: LSA_POLICY_MODE_NETWORK
0: LSA_POLICY_MODE_BATCH
0: LSA_POLICY_MODE_SERVICE
0: LSA_POLICY_MODE_PROXY
0: LSA_POLICY_MODE_DENY_INTERACTIVE
0: LSA_POLICY_MODE_DENY_NETWORK
0: LSA_POLICY_MODE_DENY_BATCH
0: LSA_POLICY_MODE_DENY_SERVICE
0: LSA_POLICY_MODE_REMOTE_INTERACTIVE
0: LSA_POLICY_MODE_DENY_REMOTE_INTERACTIVE
0x00: LSA_POLICY_MODE_ALL (0)
0x00: LSA_POLICY_MODE_ALL_NT4 (0)
unix_token : *
unix_token: struct security_unix_token
uid : 0x0000000005f5e2f4 (100000500)
gid : 0x0000000005f5e301 (100000513)
ngroups : 0x0000000a (10)
groups: ARRAY(10)
groups : 0x0000000005f5e2f4 (100000500)
groups : 0x0000000005f5e301 (100000513)
groups : 0x0000000005f5e308 (100000520)
groups : 0x0000000005f5e300 (100000512)
groups : 0x00000000000f4248 (1000008)
groups : 0x00000000000f4242 (1000002)
groups : 0x00000000000f4243 (1000003)
groups : 0x00000000000f4249 (1000009)
groups : 0x00000000000f4241 (1000001)
groups : 0x00000000000f4240 (1000000)
info : *
info: struct auth_user_info
account_name : *
account_name : 'Administrator'
domain_name : *
domain_name : 'LEVEL1'
full_name : *
full_name : ''
logon_script : *
logon_script : ''
profile_path : *
profile_path : ''
home_directory : *
home_directory : ''
home_drive : *
home_drive : ''
logon_server : *
logon_server : 'L1DC1'
last_logon : Tue Mar 18 08:06:51 AM 2014 CET
last_logoff : Thu Sep 14 04:48:05 AM 30828 CEST
acct_expiry : Thu Sep 14 04:48:05 AM 30828 CEST
last_password_change : Tue Oct 29 06:04:27 PM 2013 CET
allow_password_change : Tue Oct 29 06:04:27 PM 2013 CET
force_password_change : Thu Sep 14 04:48:05 AM 30828 CEST
logon_count : 0x00b9 (185)
bad_password_count : 0x0000 (0)
acct_flags : 0x00000010 (16)
authenticated : 0x01 (1)
unix_info : *
unix_info: struct auth_user_info_unix
unix_name : *
unix_name : 'LEVEL1+administrator'
sanitized_username : *
sanitized_username : 'Administrator'
torture : NULL
credentials : NULL
connection_dialect : 0x0210 (528)
signing_required : 0x00 (0)
encryption_required : 0x00 (0)
num_channels : 0x00000001 (1)
channels: ARRAY(1)
channels: struct smbXsrv_channel_global0
server_id: struct server_id
pid : 0x0000000000006088 (24712)
task_id : 0x00000000 (0)
vnn : 0xffffffff (4294967295)
unique_id : 0xbaf687627b33e8dd (-4974639881340589859)
local_address : 'ipv4:192.168.100.197:445'
remote_address : 'ipv4:192.168.100.137:55326'
remote_name : '192.168.100.137'
auth_session_info_seqnum : 0x00000001 (1)
status : NT_STATUS_OK
idle_time : Wed Mar 19 04:57:14 PM 2014 CET
nonce_high : 0x0000000000000000 (0)
nonce_low : 0x0000000000000000 (0)
gensec : *
compat : *
tcon_table : *
[2014/03/19 16:57:14.000965, 10, pid=24712, effective(0, 0), real(0, 0)] ../source3/smbd/smb2_server.c:2548(smbd_smb2_request_done_ex)
smbd_smb2_request_done_ex: idx[1] status[NT_STATUS_OK] body[8] dyn[yes:163] at ../source3/smbd/smb2_sesssetup.c:167
[2014/03/19 16:57:14.001047, 10, pid=24712, effective(0, 0), real(0, 0)] ../source3/smbd/smb2_server.c:893(smb2_set_operation_credit)
smb2_set_operation_credit: requested 31, charge 1, granted 31, current possible/max 512/512, total granted/max/low/range 31/8192/2/31
[2014/03/19 16:57:14.001114, 5, pid=24712, effective(0, 0), real(0, 0)] ../libcli/smb/smb2_signing.c:92(smb2_signing_sign_pdu)
signed SMB2 message
[2014/03/19 16:57:14.002085, 10, pid=24712, effective(0, 0), real(0, 0)] ../source3/smbd/smb2_server.c:3312(smbd_smb2_io_handler)
smbd_smb2_request idx[1] of 5 vectors
[2014/03/19 16:57:14.002122, 10, pid=24712, effective(0, 0), real(0, 0)] ../source3/smbd/smb2_server.c:640(smb2_validate_sequence_number)
smb2_validate_sequence_number: clearing id 2 (position 2) from bitmap
[2014/03/19 16:57:14.002174, 10, pid=24712, effective(0, 0), real(0, 0)] ../source3/smbd/smb2_server.c:1923(smbd_smb2_request_dispatch)
smbd_smb2_request_dispatch: opcode[SMB2_OP_TCON] mid = 2
[2014/03/19 16:57:14.002230, 4, pid=24712, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:316(set_sec_ctx)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2014/03/19 16:57:14.002261, 5, pid=24712, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug)
Security token: (NULL)
[2014/03/19 16:57:14.002299, 5, pid=24712, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:528(debug_unix_user_token)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
[2014/03/19 16:57:14.002338, 5, pid=24712, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:425(smbd_change_to_root_user)
change_to_root_user: now uid=(0,0) gid=(0,0)
[2014/03/19 16:57:14.002394, 10, pid=24712, effective(0, 0), real(0, 0)] ../source3/smbd/smb2_tcon.c:198(smbd_smb2_tree_connect)
smbd_smb2_tree_connect: path[\\samba\IPC$] share[IPC$]
[2014/03/19 16:57:14.002456, 5, pid=24712, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:178(dbwrap_check_lock_order)
check lock order 1 for /var/lib/samba/smbXsrv_tcon_global.tdb
[2014/03/19 16:57:14.002495, 10, pid=24712, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order)
lock order: 1:/var/lib/samba/smbXsrv_tcon_global.tdb 2:<none> 3:<none>
[2014/03/19 16:57:14.002525, 10, pid=24712, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key)
Locking key 711A2C21
[2014/03/19 16:57:14.002568, 10, pid=24712, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:143(db_tdb_fetch_locked_internal)
Allocated locked data 0x0x7f5de586bec0
[2014/03/19 16:57:14.002671, 10, pid=24712, effective(0, 0), real(0, 0)] ../source3/smbd/smbXsrv_tcon.c:673(smbXsrv_tcon_global_store)
[2014/03/19 16:57:14.002695, 10, pid=24712, effective(0, 0), real(0, 0)] ../source3/smbd/smbXsrv_tcon.c:675(smbXsrv_tcon_global_store)
smbXsrv_tcon_global_store: key '711A2C21' stored
[2014/03/19 16:57:14.002733, 1, pid=24712, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:402(ndr_print_debug)
&global_blob: struct smbXsrv_tcon_globalB
version : SMBXSRV_VERSION_0 (0)
seqnum : 0x00000001 (1)
info : union smbXsrv_tcon_globalU(case 0)
info0 : *
info0: struct smbXsrv_tcon_global0
db_rec : *
tcon_global_id : 0x711a2c21 (1897540641)
tcon_wire_id : 0x711a2c21 (1897540641)
server_id: struct server_id
pid : 0x0000000000006088 (24712)
task_id : 0x00000000 (0)
vnn : 0xffffffff (4294967295)
unique_id : 0xbaf687627b33e8dd (-4974639881340589859)
creation_time : Wed Mar 19 04:57:14 PM 2014 CET
share_name : NULL
encryption_required : 0x00 (0)
session_global_id : 0x00000000 (0)
[2014/03/19 16:57:14.002965, 10, pid=24712, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key)
Unlocking key 711A2C21
[2014/03/19 16:57:14.003050, 5, pid=24712, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:146(dbwrap_lock_order_state_destructor)
release lock order 1 for /var/lib/samba/smbXsrv_tcon_global.tdb
[2014/03/19 16:57:14.003090, 10, pid=24712, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order)
lock order: 1:<none> 2:<none> 3:<none>
[2014/03/19 16:57:14.003118, 10, pid=24712, effective(0, 0), real(0, 0)] ../source3/smbd/smbXsrv_tcon.c:797(smbXsrv_tcon_create)
[2014/03/19 16:57:14.003145, 10, pid=24712, effective(0, 0), real(0, 0)] ../source3/smbd/smbXsrv_tcon.c:805(smbXsrv_tcon_create)
smbXsrv_tcon_create: global_id (0x711a2c21) stored
[2014/03/19 16:57:14.003171, 1, pid=24712, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:402(ndr_print_debug)
&tcon_blob: struct smbXsrv_tconB
version : SMBXSRV_VERSION_0 (0)
reserved : 0x00000000 (0)
info : union smbXsrv_tconU(case 0)
info0 : *
info0: struct smbXsrv_tcon
table : *
db_rec : NULL
local_id : 0x711a2c21 (1897540641)
global : *
global: struct smbXsrv_tcon_global0
db_rec : NULL
tcon_global_id : 0x711a2c21 (1897540641)
tcon_wire_id : 0x711a2c21 (1897540641)
server_id: struct server_id
pid : 0x0000000000006088 (24712)
task_id : 0x00000000 (0)
vnn : 0xffffffff (4294967295)
unique_id : 0xbaf687627b33e8dd (-4974639881340589859)
creation_time : Wed Mar 19 04:57:14 PM 2014 CET
share_name : NULL
encryption_required : 0x00 (0)
session_global_id : 0x00000000 (0)
status : NT_STATUS_INTERNAL_ERROR
idle_time : Wed Mar 19 04:57:14 PM 2014 CET
compat : NULL
[2014/03/19 16:57:14.003534, 3, pid=24712, effective(0, 0), real(0, 0)] ../source3/lib/access.c:338(allow_access)
Allowed connection from 192.168.100.137 (192.168.100.137)
[2014/03/19 16:57:14.003588, 10, pid=24712, effective(0, 0), real(0, 0)] ../source3/smbd/share_access.c:237(user_ok_token)
user_ok_token: share IPC$ is ok for unix user LEVEL1+administrator
[2014/03/19 16:57:14.003692, 10, pid=24712, effective(0, 0), real(0, 0)] ../source3/smbd/service.c:163(set_conn_connectpath)
set_conn_connectpath: service IPC$, connectpath = /tmp
[2014/03/19 16:57:14.003738, 3, pid=24712, effective(0, 0), real(0, 0)] ../source3/smbd/service.c:612(make_connection_snum)
Connect path is '/tmp' for service [IPC$]
[2014/03/19 16:57:14.003770, 10, pid=24712, effective(0, 0), real(0, 0)] ../source3/smbd/share_access.c:237(user_ok_token)
user_ok_token: share IPC$ is ok for unix user LEVEL1+administrator
[2014/03/19 16:57:14.003811, 10, pid=24712, effective(0, 0), real(0, 0)] ../source3/smbd/share_access.c:284(is_share_read_only_for_token)
is_share_read_only_for_user: share IPC$ is read-only for unix user LEVEL1+administrator
[2014/03/19 16:57:14.003878, 10, pid=24712, effective(0, 0), real(0, 0)] ../libcli/security/access_check.c:337(se_file_access_check)
se_file_access_check: MAX desired = 0x2000000 mapped to 0x11f01ff
[2014/03/19 16:57:14.003926, 3, pid=24712, effective(0, 0), real(0, 0), class=vfs] ../source3/smbd/vfs.c:113(vfs_init_default)
Initialising default vfs hooks
[2014/03/19 16:57:14.003962, 10, pid=24712, effective(0, 0), real(0, 0), class=vfs] ../source3/smbd/vfs.c:64(vfs_find_backend_entry)
vfs_find_backend_entry called for posixacl
[2014/03/19 16:57:14.004066, 5, pid=24712, effective(0, 0), real(0, 0), class=vfs] ../source3/smbd/vfs.c:103(smb_register_vfs)
Successfully added vfs backend 'posixacl'
[2014/03/19 16:57:14.004102, 10, pid=24712, effective(0, 0), real(0, 0), class=vfs] ../source3/smbd/vfs.c:64(vfs_find_backend_entry)
vfs_find_backend_entry called for /[Default VFS]/
[2014/03/19 16:57:14.004139, 5, pid=24712, effective(0, 0), real(0, 0), class=vfs] ../source3/smbd/vfs.c:103(smb_register_vfs)
Successfully added vfs backend '/[Default VFS]/'
[2014/03/19 16:57:14.004170, 10, pid=24712, effective(0, 0), real(0, 0), class=vfs] ../source3/smbd/vfs.c:64(vfs_find_backend_entry)
vfs_find_backend_entry called for dfs_samba4
[2014/03/19 16:57:14.004197, 5, pid=24712, effective(0, 0), real(0, 0), class=vfs] ../source3/smbd/vfs.c:103(smb_register_vfs)
Successfully added vfs backend 'dfs_samba4'
[2014/03/19 16:57:14.004245, 10, pid=24712, effective(0, 0), real(0, 0), class=dfs_samba4] ../source3/modules/vfs_dfs_samba4.c:155(vfs_dfs_samba4_init)
vfs_dfs_samba4: Debug class number of 'fileid': 23
[2014/03/19 16:57:14.004282, 3, pid=24712, effective(0, 0), real(0, 0), class=vfs] ../source3/smbd/vfs.c:139(vfs_init_custom)
Initialising custom vfs hooks from [/[Default VFS]/]
[2014/03/19 16:57:14.004313, 10, pid=24712, effective(0, 0), real(0, 0), class=vfs] ../source3/smbd/vfs.c:64(vfs_find_backend_entry)
vfs_find_backend_entry called for /[Default VFS]/
Successfully loaded vfs module [/[Default VFS]/] with the new modules system
[2014/03/19 16:57:14.004387, 10, pid=24712, effective(0, 0), real(0, 0)] ../source3/smbd/service.c:163(set_conn_connectpath)
set_conn_connectpath: service IPC$, connectpath = /tmp
[2014/03/19 16:57:14.004434, 10, pid=24712, effective(0, 0), real(0, 0)] ../source3/smbd/share_access.c:237(user_ok_token)
user_ok_token: share IPC$ is ok for unix user LEVEL1+administrator
[2014/03/19 16:57:14.004465, 10, pid=24712, effective(0, 0), real(0, 0)] ../source3/smbd/share_access.c:284(is_share_read_only_for_token)
is_share_read_only_for_user: share IPC$ is read-only for unix user LEVEL1+administrator
[2014/03/19 16:57:14.004511, 10, pid=24712, effective(0, 0), real(0, 0)] ../libcli/security/access_check.c:337(se_file_access_check)
se_file_access_check: MAX desired = 0x2000000 mapped to 0x11f01ff
[2014/03/19 16:57:14.005075, 4, pid=24712, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:316(set_sec_ctx)
setting sec ctx (100000500, 100000513) - sec_ctx_stack_ndx = 0
[2014/03/19 16:57:14.005128, 5, pid=24712, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:63(security_token_debug)
Security token SIDs (21):
SID[ 0]: S-1-5-21-2999458101-3634337955-1355572417-500
SID[ 1]: S-1-5-21-2999458101-3634337955-1355572417-513
SID[ 2]: S-1-5-21-2999458101-3634337955-1355572417-520
SID[ 3]: S-1-5-21-2999458101-3634337955-1355572417-512
SID[ 4]: S-1-18-1
SID[ 5]: S-1-1-0
SID[ 6]: S-1-5-2
SID[ 7]: S-1-5-11
SID[ 8]: S-1-5-32-545
SID[ 9]: S-1-5-32-544
SID[ 10]: S-1-22-1-100000500
SID[ 11]: S-1-22-2-100000500
SID[ 12]: S-1-22-2-100000513
SID[ 13]: S-1-22-2-100000520
SID[ 14]: S-1-22-2-100000512
SID[ 15]: S-1-22-2-1000008
SID[ 16]: S-1-22-2-1000002
SID[ 17]: S-1-22-2-1000003
SID[ 18]: S-1-22-2-1000009
SID[ 19]: S-1-22-2-1000001
SID[ 20]: S-1-22-2-1000000
Privileges (0x 1FFFFFF0):
Privilege[ 0]: SeMachineAccountPrivilege
Privilege[ 1]: SeTakeOwnershipPrivilege
Privilege[ 2]: SeBackupPrivilege
Privilege[ 3]: SeRestorePrivilege
Privilege[ 4]: SeRemoteShutdownPrivilege
Privilege[ 5]: SePrintOperatorPrivilege
Privilege[ 6]: SeAddUsersPrivilege
Privilege[ 7]: SeDiskOperatorPrivilege
Privilege[ 8]: SeSecurityPrivilege
Privilege[ 9]: SeSystemtimePrivilege
Privilege[ 10]: SeShutdownPrivilege
Privilege[ 11]: SeDebugPrivilege
Privilege[ 12]: SeSystemEnvironmentPrivilege
Privilege[ 13]: SeSystemProfilePrivilege
Privilege[ 14]: SeProfileSingleProcessPrivilege
Privilege[ 15]: SeIncreaseBasePriorityPrivilege
Privilege[ 16]: SeLoadDriverPrivilege
Privilege[ 17]: SeCreatePagefilePrivilege
Privilege[ 18]: SeIncreaseQuotaPrivilege
Privilege[ 19]: SeChangeNotifyPrivilege
Privilege[ 20]: SeUndockPrivilege
Privilege[ 21]: SeManageVolumePrivilege
Privilege[ 22]: SeImpersonatePrivilege
Privilege[ 23]: SeCreateGlobalPrivilege
Privilege[ 24]: SeEnableDelegationPrivilege
Rights (0x 0):
[2014/03/19 16:57:14.005669, 5, pid=24712, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:528(debug_unix_user_token)
UNIX token of user 100000500
Primary group is 100000513 and contains 10 supplementary groups
Group[ 0]: 100000500
Group[ 1]: 100000513
Group[ 2]: 100000520
Group[ 3]: 100000512
Group[ 4]: 1000008
Group[ 5]: 1000002
Group[ 6]: 1000003
Group[ 7]: 1000009
Group[ 8]: 1000001
Group[ 9]: 1000000
[2014/03/19 16:57:14.005830, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/uid.c:363(change_to_user_internal)
Impersonated user: uid=(100000500,100000500), gid=(0,100000513)
[2014/03/19 16:57:14.005875, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/sec_ctx.c:316(set_sec_ctx)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2014/03/19 16:57:14.005906, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../libcli/security/security_token.c:53(security_token_debug)
Security token: (NULL)
[2014/03/19 16:57:14.005935, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/auth/token_util.c:528(debug_unix_user_token)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
[2014/03/19 16:57:14.005988, 5, pid=24712, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:425(smbd_change_to_root_user)
change_to_root_user: now uid=(0,0) gid=(0,0)
[2014/03/19 16:57:14.006082, 10, pid=24712, effective(0, 0), real(0, 0)] ../source3/smbd/service.c:163(set_conn_connectpath)
set_conn_connectpath: service IPC$, connectpath = /tmp
[2014/03/19 16:57:14.006151, 10, pid=24712, effective(0, 0), real(0, 0), class=vfs] ../source3/modules/vfs_default.c:164(vfswrap_fs_capabilities)
vfswrap_fs_capabilities: timestamp resolution of sec available on share IPC$, directory /tmp
[2014/03/19 16:57:14.006197, 3, pid=24712, effective(0, 0), real(0, 0)] ../source3/smbd/service.c:856(make_connection_snum)
192.168.100.137 (ipv4:192.168.100.137:55326) connect to service IPC$ initially as user LEVEL1+administrator (uid=100000500, gid=100000513) (pid 24712)
[2014/03/19 16:57:14.006258, 5, pid=24712, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:178(dbwrap_check_lock_order)
check lock order 1 for /var/lib/samba/smbXsrv_tcon_global.tdb
[2014/03/19 16:57:14.006289, 10, pid=24712, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order)
lock order: 1:/var/lib/samba/smbXsrv_tcon_global.tdb 2:<none> 3:<none>
[2014/03/19 16:57:14.006330, 10, pid=24712, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key)
Locking key 711A2C21
[2014/03/19 16:57:14.006363, 10, pid=24712, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:143(db_tdb_fetch_locked_internal)
Allocated locked data 0x0x7f5de586eb50
[2014/03/19 16:57:14.006411, 10, pid=24712, effective(0, 0), real(0, 0)] ../source3/smbd/smbXsrv_tcon.c:673(smbXsrv_tcon_global_store)
[2014/03/19 16:57:14.006432, 10, pid=24712, effective(0, 0), real(0, 0)] ../source3/smbd/smbXsrv_tcon.c:675(smbXsrv_tcon_global_store)
smbXsrv_tcon_global_store: key '711A2C21' stored
[2014/03/19 16:57:14.006462, 1, pid=24712, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:402(ndr_print_debug)
&global_blob: struct smbXsrv_tcon_globalB
version : SMBXSRV_VERSION_0 (0)
seqnum : 0x00000002 (2)
info : union smbXsrv_tcon_globalU(case 0)
info0 : *
info0: struct smbXsrv_tcon_global0
db_rec : *
tcon_global_id : 0x711a2c21 (1897540641)
tcon_wire_id : 0x711a2c21 (1897540641)
server_id: struct server_id
pid : 0x0000000000006088 (24712)
task_id : 0x00000000 (0)
vnn : 0xffffffff (4294967295)
unique_id : 0xbaf687627b33e8dd (-4974639881340589859)
creation_time : Wed Mar 19 04:57:14 PM 2014 CET
share_name : 'IPC$'
encryption_required : 0x00 (0)
session_global_id : 0xfe74f04b (4269076555)
[2014/03/19 16:57:14.006701, 10, pid=24712, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key)
Unlocking key 711A2C21
[2014/03/19 16:57:14.006738, 5, pid=24712, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:146(dbwrap_lock_order_state_destructor)
release lock order 1 for /var/lib/samba/smbXsrv_tcon_global.tdb
[2014/03/19 16:57:14.006778, 10, pid=24712, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order)
lock order: 1:<none> 2:<none> 3:<none>
[2014/03/19 16:57:14.006808, 10, pid=24712, effective(0, 0), real(0, 0)] ../source3/smbd/smbXsrv_tcon.c:850(smbXsrv_tcon_update)
[2014/03/19 16:57:14.006826, 10, pid=24712, effective(0, 0), real(0, 0)] ../source3/smbd/smbXsrv_tcon.c:858(smbXsrv_tcon_update)
smbXsrv_tcon_update: global_id (0x711a2c21) stored
[2014/03/19 16:57:14.006864, 1, pid=24712, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:402(ndr_print_debug)
&tcon_blob: struct smbXsrv_tconB
version : SMBXSRV_VERSION_0 (0)
reserved : 0x00000000 (0)
info : union smbXsrv_tconU(case 0)
info0 : *
info0: struct smbXsrv_tcon
table : *
db_rec : NULL
local_id : 0x711a2c21 (1897540641)
global : *
global: struct smbXsrv_tcon_global0
db_rec : NULL
tcon_global_id : 0x711a2c21 (1897540641)
tcon_wire_id : 0x711a2c21 (1897540641)
server_id: struct server_id
pid : 0x0000000000006088 (24712)
task_id : 0x00000000 (0)
vnn : 0xffffffff (4294967295)
unique_id : 0xbaf687627b33e8dd (-4974639881340589859)
creation_time : Wed Mar 19 04:57:14 PM 2014 CET
share_name : 'IPC$'
encryption_required : 0x00 (0)
session_global_id : 0xfe74f04b (4269076555)
status : NT_STATUS_OK
idle_time : Wed Mar 19 04:57:14 PM 2014 CET
compat : *
[2014/03/19 16:57:14.007202, 10, pid=24712, effective(0, 0), real(0, 0)] ../source3/smbd/smb2_server.c:2548(smbd_smb2_request_done_ex)
smbd_smb2_request_done_ex: idx[1] status[NT_STATUS_OK] body[16] dyn[no:0] at ../source3/smbd/smb2_tcon.c:162
[2014/03/19 16:57:14.007246, 10, pid=24712, effective(0, 0), real(0, 0)] ../source3/smbd/smb2_server.c:893(smb2_set_operation_credit)
smb2_set_operation_credit: requested 1, charge 1, granted 1, current possible/max 482/512, total granted/max/low/range 31/8192/3/31
[2014/03/19 16:57:14.007685, 10, pid=24712, effective(0, 0), real(0, 0)] ../source3/smbd/smb2_server.c:3312(smbd_smb2_io_handler)
smbd_smb2_request idx[1] of 5 vectors
[2014/03/19 16:57:14.007722, 10, pid=24712, effective(0, 0), real(0, 0)] ../source3/smbd/smb2_server.c:640(smb2_validate_sequence_number)
smb2_validate_sequence_number: clearing id 3 (position 3) from bitmap
[2014/03/19 16:57:14.007763, 10, pid=24712, effective(0, 0), real(0, 0)] ../source3/smbd/smb2_server.c:1923(smbd_smb2_request_dispatch)
smbd_smb2_request_dispatch: opcode[SMB2_OP_CREATE] mid = 3
[2014/03/19 16:57:14.007800, 4, pid=24712, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:316(set_sec_ctx)
setting sec ctx (100000500, 100000513) - sec_ctx_stack_ndx = 0
[2014/03/19 16:57:14.007843, 5, pid=24712, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:63(security_token_debug)
Security token SIDs (21):
SID[ 0]: S-1-5-21-2999458101-3634337955-1355572417-500
SID[ 1]: S-1-5-21-2999458101-3634337955-1355572417-513
SID[ 2]: S-1-5-21-2999458101-3634337955-1355572417-520
SID[ 3]: S-1-5-21-2999458101-3634337955-1355572417-512
SID[ 4]: S-1-18-1
SID[ 5]: S-1-1-0
SID[ 6]: S-1-5-2
SID[ 7]: S-1-5-11
SID[ 8]: S-1-5-32-545
SID[ 9]: S-1-5-32-544
SID[ 10]: S-1-22-1-100000500
SID[ 11]: S-1-22-2-100000500
SID[ 12]: S-1-22-2-100000513
SID[ 13]: S-1-22-2-100000520
SID[ 14]: S-1-22-2-100000512
SID[ 15]: S-1-22-2-1000008
SID[ 16]: S-1-22-2-1000002
SID[ 17]: S-1-22-2-1000003
SID[ 18]: S-1-22-2-1000009
SID[ 19]: S-1-22-2-1000001
SID[ 20]: S-1-22-2-1000000
Privileges (0x 1FFFFFF0):
Privilege[ 0]: SeMachineAccountPrivilege
Privilege[ 1]: SeTakeOwnershipPrivilege
Privilege[ 2]: SeBackupPrivilege
Privilege[ 3]: SeRestorePrivilege
Privilege[ 4]: SeRemoteShutdownPrivilege
Privilege[ 5]: SePrintOperatorPrivilege
Privilege[ 6]: SeAddUsersPrivilege
Privilege[ 7]: SeDiskOperatorPrivilege
Privilege[ 8]: SeSecurityPrivilege
Privilege[ 9]: SeSystemtimePrivilege
Privilege[ 10]: SeShutdownPrivilege
Privilege[ 11]: SeDebugPrivilege
Privilege[ 12]: SeSystemEnvironmentPrivilege
Privilege[ 13]: SeSystemProfilePrivilege
Privilege[ 14]: SeProfileSingleProcessPrivilege
Privilege[ 15]: SeIncreaseBasePriorityPrivilege
Privilege[ 16]: SeLoadDriverPrivilege
Privilege[ 17]: SeCreatePagefilePrivilege
Privilege[ 18]: SeIncreaseQuotaPrivilege
Privilege[ 19]: SeChangeNotifyPrivilege
Privilege[ 20]: SeUndockPrivilege
Privilege[ 21]: SeManageVolumePrivilege
Privilege[ 22]: SeImpersonatePrivilege
Privilege[ 23]: SeCreateGlobalPrivilege
Privilege[ 24]: SeEnableDelegationPrivilege
Rights (0x 0):
[2014/03/19 16:57:14.008539, 5, pid=24712, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:528(debug_unix_user_token)
UNIX token of user 100000500
Primary group is 100000513 and contains 10 supplementary groups
Group[ 0]: 100000500
Group[ 1]: 100000513
Group[ 2]: 100000520
Group[ 3]: 100000512
Group[ 4]: 1000008
Group[ 5]: 1000002
Group[ 6]: 1000003
Group[ 7]: 1000009
Group[ 8]: 1000001
Group[ 9]: 1000000
[2014/03/19 16:57:14.008695, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/uid.c:363(change_to_user_internal)
Impersonated user: uid=(100000500,100000500), gid=(0,100000513)
[2014/03/19 16:57:14.008742, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=vfs] ../source3/smbd/vfs.c:839(vfs_ChDir)
vfs_ChDir to /tmp
[2014/03/19 16:57:14.008808, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=vfs] ../source3/smbd/vfs.c:850(vfs_ChDir)
vfs_ChDir got /tmp
[2014/03/19 16:57:14.008866, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_create.c:447(smbd_smb2_create_send)
smbd_smb2_create: name[spoolss]
[2014/03/19 16:57:14.008922, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap.c:178(dbwrap_check_lock_order)
check lock order 1 for /var/lib/samba/smbXsrv_open_global.tdb
[2014/03/19 16:57:14.008963, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order)
lock order: 1:/var/lib/samba/smbXsrv_open_global.tdb 2:<none> 3:<none>
[2014/03/19 16:57:14.009108, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key)
Locking key 488E7836
[2014/03/19 16:57:14.009159, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap_tdb.c:143(db_tdb_fetch_locked_internal)
Allocated locked data 0x0x7f5de585f800
[2014/03/19 16:57:14.009277, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smbXsrv_open.c:698(smbXsrv_open_global_store)
smbXsrv_open_global_store: key '488E7836' stored
[2014/03/19 16:57:14.009326, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:402(ndr_print_debug)
&global_blob: struct smbXsrv_open_globalB
version : SMBXSRV_VERSION_0 (0)
seqnum : 0x00000001 (1)
info : union smbXsrv_open_globalU(case 0)
info0 : *
info0: struct smbXsrv_open_global0
db_rec : *
server_id: struct server_id
pid : 0x0000000000006088 (24712)
task_id : 0x00000000 (0)
vnn : 0xffffffff (4294967295)
unique_id : 0xbaf687627b33e8dd (-4974639881340589859)
open_global_id : 0x488e7836 (1217296438)
open_persistent_id : 0x00000000488e7836 (1217296438)
open_volatile_id : 0x00000000f1276b3b (4045892411)
open_owner : S-1-5-21-2999458101-3634337955-1355572417-500
open_time : Wed Mar 19 04:57:14 PM 2014 CET
create_guid : 00000000-0000-0000-0000-000000000000
client_guid : fb516d75-adcf-11e3-a4ab-0800274a4c7e
app_instance_id : 00000000-0000-0000-0000-000000000000
disconnect_time : NTTIME(0)
durable_timeout_msec : 0x00000000 (0)
durable : 0x00 (0)
backend_cookie : DATA_BLOB length=0
[2014/03/19 16:57:14.009697, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key)
Unlocking key 488E7836
[2014/03/19 16:57:14.009731, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap.c:146(dbwrap_lock_order_state_destructor)
release lock order 1 for /var/lib/samba/smbXsrv_open_global.tdb
[2014/03/19 16:57:14.009773, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order)
lock order: 1:<none> 2:<none> 3:<none>
[2014/03/19 16:57:14.009804, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smbXsrv_open.c:871(smbXsrv_open_create)
smbXsrv_open_create: global_id (0x488e7836) stored
[2014/03/19 16:57:14.009844, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:402(ndr_print_debug)
&open_blob: struct smbXsrv_openB
version : SMBXSRV_VERSION_0 (0)
reserved : 0x00000000 (0)
info : union smbXsrv_openU(case 0)
info0 : *
info0: struct smbXsrv_open
table : *
db_rec : NULL
local_id : 0xf1276b3b (4045892411)
global : *
global: struct smbXsrv_open_global0
db_rec : NULL
server_id: struct server_id
pid : 0x0000000000006088 (24712)
task_id : 0x00000000 (0)
vnn : 0xffffffff (4294967295)
unique_id : 0xbaf687627b33e8dd (-4974639881340589859)
open_global_id : 0x488e7836 (1217296438)
open_persistent_id : 0x00000000488e7836 (1217296438)
open_volatile_id : 0x00000000f1276b3b (4045892411)
open_owner : S-1-5-21-2999458101-3634337955-1355572417-500
open_time : Wed Mar 19 04:57:14 PM 2014 CET
create_guid : 00000000-0000-0000-0000-000000000000
client_guid : fb516d75-adcf-11e3-a4ab-0800274a4c7e
app_instance_id : 00000000-0000-0000-0000-000000000000
disconnect_time : NTTIME(0)
durable_timeout_msec : 0x00000000 (0)
durable : 0x00 (0)
backend_cookie : DATA_BLOB length=0
status : NT_STATUS_OK
idle_time : Wed Mar 19 04:57:14 PM 2014 CET
compat : NULL
[2014/03/19 16:57:14.010373, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/files.c:125(file_new)
allocated file structure fnum 4045892411 (1 used)
[2014/03/19 16:57:14.010431, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/files.c:752(file_name_hash)
file_name_hash: /tmp/spoolss hash 0x7d4e46e5
[2014/03/19 16:57:14.010499, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_ncacn_np.c:89(make_internal_rpc_pipe_socketpair)
Create of internal pipe spoolss requested
[2014/03/19 16:57:14.010669, 8, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/dosmode.c:698(dos_mode)
dos_mode: spoolss
[2014/03/19 16:57:14.010730, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_create.c:1090(smbd_smb2_create_send)
smbd_smb2_create_send: spoolss - fnum 4045892411
[2014/03/19 16:57:14.010786, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:2548(smbd_smb2_request_done_ex)
smbd_smb2_request_done_ex: idx[1] status[NT_STATUS_OK] body[88] dyn[yes:0] at ../source3/smbd/smb2_create.c:364
[2014/03/19 16:57:14.010825, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:893(smb2_set_operation_credit)
smb2_set_operation_credit: requested 1, charge 1, granted 1, current possible/max 482/512, total granted/max/low/range 31/8192/4/31
[2014/03/19 16:57:14.011424, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:3312(smbd_smb2_io_handler)
smbd_smb2_request idx[1] of 5 vectors
[2014/03/19 16:57:14.011464, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:640(smb2_validate_sequence_number)
smb2_validate_sequence_number: clearing id 4 (position 4) from bitmap
[2014/03/19 16:57:14.011507, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1923(smbd_smb2_request_dispatch)
smbd_smb2_request_dispatch: opcode[SMB2_OP_WRITE] mid = 4
[2014/03/19 16:57:14.011541, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/uid.c:384(change_to_user)
Skipping user change - already user
[2014/03/19 16:57:14.011592, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1825(smbd_smb2_request_verify_creditcharge)
mid 4, CreditCharge: 1, NeededCharge: 1
[2014/03/19 16:57:14.011637, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_write.c:271(smbd_smb2_write_send)
smbd_smb2_write: spoolss - fnum 4045892411
[2014/03/19 16:57:14.011676, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe_hnd.c:172(np_write_send)
np_write_send: len: 160
smbd_smb2_request_pending_queue: req->current_idx = 1
req->in.vector[0].iov_len = 0
req->in.vector[1].iov_len = 0
req->in.vector[2].iov_len = 64
req->in.vector[3].iov_len = 48
req->in.vector[4].iov_len = 160
req->out.vector[0].iov_len = 4
req->out.vector[1].iov_len = 0
req->out.vector[2].iov_len = 64
req->out.vector[3].iov_len = 8
req->out.vector[4].iov_len = 0
[2014/03/19 16:57:14.011872, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:2548(smbd_smb2_request_done_ex)
smbd_smb2_request_done_ex: idx[1] status[NT_STATUS_OK] body[16] dyn[yes:0] at ../source3/smbd/smb2_write.c:150
[2014/03/19 16:57:14.011915, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:893(smb2_set_operation_credit)
smb2_set_operation_credit: requested 1, charge 1, granted 1, current possible/max 482/512, total granted/max/low/range 31/8192/5/31
[2014/03/19 16:57:14.012246, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/rpc_server/rpc_server.c:441(named_pipe_packet_process)
PDU is in Little Endian format!
[2014/03/19 16:57:14.012302, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1564(process_complete_pdu)
Processing packet type 11
[2014/03/19 16:57:14.012348, 3, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:598(api_pipe_bind_req)
api_pipe_bind_req: spoolss -> spoolss rpc service
[2014/03/19 16:57:14.012397, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:631(api_pipe_bind_req)
api_pipe_bind_req: make response. 631
[2014/03/19 16:57:14.012428, 3, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:343(check_bind_req)
check_bind_req for spoolss
[2014/03/19 16:57:14.012472, 3, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:350(check_bind_req)
check_bind_req: spoolss -> spoolss rpc service
[2014/03/19 16:57:14.012504, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:223(init_pipe_handles)
init_pipe_handle_list: created handle list for pipe spoolss
[2014/03/19 16:57:14.012546, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:240(init_pipe_handles)
init_pipe_handle_list: pipe_handles ref count = 1 for pipe spoolss
[2014/03/19 16:57:14.012645, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:402(ndr_print_debug)
&r: struct ncacn_packet
rpc_vers : 0x05 (5)
rpc_vers_minor : 0x00 (0)
ptype : DCERPC_PKT_BIND_ACK (12)
pfc_flags : 0x03 (3)
1: DCERPC_PFC_FLAG_FIRST
1: DCERPC_PFC_FLAG_LAST
0: DCERPC_PFC_FLAG_PENDING_CANCEL_OR_HDR_SIGNING
0: DCERPC_PFC_FLAG_CONC_MPX
0: DCERPC_PFC_FLAG_DID_NOT_EXECUTE
0: DCERPC_PFC_FLAG_MAYBE
0: DCERPC_PFC_FLAG_OBJECT_UUID
drep: ARRAY(4)
[0] : 0x10 (16)
[1] : 0x00 (0)
[2] : 0x00 (0)
[3] : 0x00 (0)
frag_length : 0x0044 (68)
auth_length : 0x0000 (0)
call_id : 0x00000002 (2)
u : union dcerpc_payload(case 12)
bind_ack: struct dcerpc_bind_ack
max_xmit_frag : 0x10b8 (4280)
max_recv_frag : 0x10b8 (4280)
assoc_group_id : 0x000053f0 (21488)
secondary_address_size : 0x000e (14)
secondary_address : '\PIPE\spoolss'
_pad1 : DATA_BLOB length=0
num_results : 0x01 (1)
ctx_list: ARRAY(1)
ctx_list: struct dcerpc_ack_ctx
result : DCERPC_BIND_ACK_RESULT_ACCEPTANCE (0)
reason : union dcerpc_bind_ack_reason(case 0)
value : DCERPC_BIND_ACK_REASON_NOT_SPECIFIED (0)
syntax: struct ndr_syntax_id
uuid : 8a885d04-1ceb-11c9-9fe8-08002b104860
if_version : 0x00000002 (2)
auth_info : DATA_BLOB length=0
[2014/03/19 16:57:14.013307, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/rpc_server/rpc_server.c:509(named_pipe_packet_process)
Sending 1 fragments in a total of 0 bytes
[2014/03/19 16:57:14.013351, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/rpc_server/rpc_server.c:514(named_pipe_packet_process)
Sending PDU number: 0, PDU Length: 68
[2014/03/19 16:57:14.013432, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:3312(smbd_smb2_io_handler)
smbd_smb2_request idx[1] of 5 vectors
[2014/03/19 16:57:14.013479, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:640(smb2_validate_sequence_number)
smb2_validate_sequence_number: clearing id 5 (position 5) from bitmap
[2014/03/19 16:57:14.013511, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1923(smbd_smb2_request_dispatch)
smbd_smb2_request_dispatch: opcode[SMB2_OP_READ] mid = 5
[2014/03/19 16:57:14.013554, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/uid.c:384(change_to_user)
Skipping user change - already user
[2014/03/19 16:57:14.013592, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1825(smbd_smb2_request_verify_creditcharge)
mid 5, CreditCharge: 1, NeededCharge: 1
[2014/03/19 16:57:14.013636, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_read.c:399(smbd_smb2_read_send)
smbd_smb2_read: spoolss - fnum 4045892411
smbd_smb2_request_pending_queue: req->current_idx = 1
req->in.vector[0].iov_len = 0
req->in.vector[1].iov_len = 0
req->in.vector[2].iov_len = 64
req->in.vector[3].iov_len = 48
req->in.vector[4].iov_len = 1
req->out.vector[0].iov_len = 4
req->out.vector[1].iov_len = 0
req->out.vector[2].iov_len = 64
req->out.vector[3].iov_len = 8
req->out.vector[4].iov_len = 0
[2014/03/19 16:57:14.013854, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe_hnd.c:417(np_read_recv)
Received 68 bytes. There is no more data outstanding
[2014/03/19 16:57:14.013891, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:2548(smbd_smb2_request_done_ex)
smbd_smb2_request_done_ex: idx[1] status[NT_STATUS_OK] body[16] dyn[yes:68] at ../source3/smbd/smb2_read.c:154
[2014/03/19 16:57:14.013948, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:893(smb2_set_operation_credit)
smb2_set_operation_credit: requested 1, charge 1, granted 1, current possible/max 482/512, total granted/max/low/range 31/8192/6/31
[2014/03/19 16:57:14.014358, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:3312(smbd_smb2_io_handler)
smbd_smb2_request idx[1] of 5 vectors
[2014/03/19 16:57:14.014398, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:640(smb2_validate_sequence_number)
smb2_validate_sequence_number: clearing id 6 (position 6) from bitmap
[2014/03/19 16:57:14.014440, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1923(smbd_smb2_request_dispatch)
smbd_smb2_request_dispatch: opcode[SMB2_OP_IOCTL] mid = 6
[2014/03/19 16:57:14.014475, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/uid.c:384(change_to_user)
Skipping user change - already user
[2014/03/19 16:57:14.014523, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1825(smbd_smb2_request_verify_creditcharge)
mid 6, CreditCharge: 1, NeededCharge: 1
[2014/03/19 16:57:14.014558, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl.c:394(smbd_smb2_ioctl_send)
smbd_smb2_ioctl: ctl_code[0x0011c017] spoolss, fnum 4045892411
[2014/03/19 16:57:14.014614, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl_named_pipe.c:61(smb2_ioctl_named_pipe)
smbd_smb2_ioctl_send: np_write_send of size 194
[2014/03/19 16:57:14.014646, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe_hnd.c:172(np_write_send)
np_write_send: len: 194
smbd_smb2_request_pending_queue: req->current_idx = 1
req->in.vector[0].iov_len = 0
req->in.vector[1].iov_len = 0
req->in.vector[2].iov_len = 64
req->in.vector[3].iov_len = 56
req->in.vector[4].iov_len = 194
req->out.vector[0].iov_len = 4
req->out.vector[1].iov_len = 0
req->out.vector[2].iov_len = 64
req->out.vector[3].iov_len = 8
req->out.vector[4].iov_len = 0
[2014/03/19 16:57:14.014830, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl_named_pipe.c:119(smbd_smb2_ioctl_pipe_write_done)
smbd_smb2_ioctl_pipe_write_done: received 194
[2014/03/19 16:57:14.014865, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl_named_pipe.c:140(smbd_smb2_ioctl_pipe_write_done)
smbd_smb2_ioctl_pipe_write_done: issuing np_read_send of size 1024
[2014/03/19 16:57:14.014954, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/rpc_server/rpc_server.c:441(named_pipe_packet_process)
PDU is in Little Endian format!
[2014/03/19 16:57:14.014992, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1564(process_complete_pdu)
Processing packet type 0
[2014/03/19 16:57:14.015088, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1439(dcesrv_auth_request)
Checking request auth.
[2014/03/19 16:57:14.015157, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/sec_ctx.c:216(push_sec_ctx)
push_sec_ctx(100000500, 100000513) : sec_ctx_stack_ndx = 1
[2014/03/19 16:57:14.015196, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/sec_ctx.c:316(set_sec_ctx)
setting sec ctx (100000500, 100000513) - sec_ctx_stack_ndx = 1
[2014/03/19 16:57:14.015241, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../libcli/security/security_token.c:63(security_token_debug)
Security token SIDs (21):
SID[ 0]: S-1-5-21-2999458101-3634337955-1355572417-500
SID[ 1]: S-1-5-21-2999458101-3634337955-1355572417-513
SID[ 2]: S-1-5-21-2999458101-3634337955-1355572417-520
SID[ 3]: S-1-5-21-2999458101-3634337955-1355572417-512
SID[ 4]: S-1-18-1
SID[ 5]: S-1-1-0
SID[ 6]: S-1-5-2
SID[ 7]: S-1-5-11
SID[ 8]: S-1-5-32-545
SID[ 9]: S-1-5-32-544
SID[ 10]: S-1-22-1-100000500
SID[ 11]: S-1-22-2-100000500
SID[ 12]: S-1-22-2-100000513
SID[ 13]: S-1-22-2-100000520
SID[ 14]: S-1-22-2-100000512
SID[ 15]: S-1-22-2-1000008
SID[ 16]: S-1-22-2-1000002
SID[ 17]: S-1-22-2-1000003
SID[ 18]: S-1-22-2-1000009
SID[ 19]: S-1-22-2-1000001
SID[ 20]: S-1-22-2-1000000
Privileges (0x 1FFFFFF0):
Privilege[ 0]: SeMachineAccountPrivilege
Privilege[ 1]: SeTakeOwnershipPrivilege
Privilege[ 2]: SeBackupPrivilege
Privilege[ 3]: SeRestorePrivilege
Privilege[ 4]: SeRemoteShutdownPrivilege
Privilege[ 5]: SePrintOperatorPrivilege
Privilege[ 6]: SeAddUsersPrivilege
Privilege[ 7]: SeDiskOperatorPrivilege
Privilege[ 8]: SeSecurityPrivilege
Privilege[ 9]: SeSystemtimePrivilege
Privilege[ 10]: SeShutdownPrivilege
Privilege[ 11]: SeDebugPrivilege
Privilege[ 12]: SeSystemEnvironmentPrivilege
Privilege[ 13]: SeSystemProfilePrivilege
Privilege[ 14]: SeProfileSingleProcessPrivilege
Privilege[ 15]: SeIncreaseBasePriorityPrivilege
Privilege[ 16]: SeLoadDriverPrivilege
Privilege[ 17]: SeCreatePagefilePrivilege
Privilege[ 18]: SeIncreaseQuotaPrivilege
Privilege[ 19]: SeChangeNotifyPrivilege
Privilege[ 20]: SeUndockPrivilege
Privilege[ 21]: SeManageVolumePrivilege
Privilege[ 22]: SeImpersonatePrivilege
Privilege[ 23]: SeCreateGlobalPrivilege
Privilege[ 24]: SeEnableDelegationPrivilege
Rights (0x 0):
[2014/03/19 16:57:14.015848, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/auth/token_util.c:528(debug_unix_user_token)
UNIX token of user 100000500
Primary group is 100000513 and contains 10 supplementary groups
Group[ 0]: 100000500
Group[ 1]: 100000513
Group[ 2]: 100000520
Group[ 3]: 100000512
Group[ 4]: 1000008
Group[ 5]: 1000002
Group[ 6]: 1000003
Group[ 7]: 1000009
Group[ 8]: 1000001
Group[ 9]: 1000000
[2014/03/19 16:57:14.016155, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/uid.c:452(smbd_become_authenticated_pipe_user)
Impersonated user: uid=(100000500,100000500), gid=(0,100000513)
[2014/03/19 16:57:14.016204, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1292(api_pipe_request)
Requested spoolss rpc service
[2014/03/19 16:57:14.016239, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1317(api_rpcTNP)
api_rpcTNP: spoolss op 0x45 - api_rpcTNP: rpc command: SPOOLSS_OPENPRINTEREX
[2014/03/19 16:57:14.016288, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1357(api_rpcTNP)
api_rpc_cmds[69].fn == 0x7f5de3038ac3
[2014/03/19 16:57:14.016368, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug)
spoolss_OpenPrinterEx: struct spoolss_OpenPrinterEx
in: struct spoolss_OpenPrinterEx
printername : *
printername : '\\samba'
datatype : NULL
devmode_ctr: struct spoolss_DevmodeContainer
_ndr_size : 0x00000000 (0)
devmode : NULL
access_mask : 0x00020002 (131074)
0: SERVER_ACCESS_ADMINISTER
1: SERVER_ACCESS_ENUMERATE
0: PRINTER_ACCESS_ADMINISTER
0: PRINTER_ACCESS_USE
0: JOB_ACCESS_ADMINISTER
0: JOB_ACCESS_READ
userlevel_ctr: struct spoolss_UserLevelCtr
level : 0x00000001 (1)
user_info : union spoolss_UserLevel(case 1)
level1 : *
level1: struct spoolss_UserLevel1
size : 0x00000028 (40)
client : *
client : 'WIN7CLI'
user : *
user : 'LEVEL1\Administrator'
build : 0x00001db1 (7601)
major : UNKNOWN_ENUM_VALUE (3)
minor : SPOOLSS_MINOR_VERSION_0 (0)
processor : PROCESSOR_ARCHITECTURE_AMD64 (9)
checking name: \\samba
[2014/03/19 16:57:14.016849, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/spoolss/srv_spoolss_nt.c:739(open_printer_hnd)
open_printer_hnd: name [\\samba]
[2014/03/19 16:57:14.016886, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:304(create_rpc_handle_internal)
Opened policy hnd[1] [0000] 00 00 00 00 11 00 00 00 00 00 00 00 29 53 5A BE ........ ....)SZ.
[0010] 88 60 00 00 .`..
[2014/03/19 16:57:14.016964, 3, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/spoolss/srv_spoolss_nt.c:507(set_printer_hnd_printertype)
Setting printer type=\\samba
Printer is a print server
[2014/03/19 16:57:14.017123, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/spoolss/srv_spoolss_nt.c:567(set_printer_hnd_name)
Setting printer name=\\samba (len=7)
[2014/03/19 16:57:14.017164, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/spoolss/srv_spoolss_nt.c:775(open_printer_hnd)
1 printer handles active
[2014/03/19 16:57:14.017213, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal)
Found policy hnd[0] [0000] 00 00 00 00 11 00 00 00 00 00 00 00 29 53 5A BE ........ ....)SZ.
[0010] 88 60 00 00 .`..
[2014/03/19 16:57:14.017284, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/spoolss/srv_spoolss_nt.c:1838(_spoolss_OpenPrinterEx)
Setting print server access = SERVER_ACCESS_ENUMERATE
[2014/03/19 16:57:14.017319, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug)
spoolss_OpenPrinterEx: struct spoolss_OpenPrinterEx
out: struct spoolss_OpenPrinterEx
handle : *
handle: struct policy_handle
handle_type : 0x00000000 (0)
uuid : 00000011-0000-0000-2953-5abe88600000
result : WERR_OK
[2014/03/19 16:57:14.017450, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1384(api_rpcTNP)
api_rpcTNP: called spoolss successfully
[2014/03/19 16:57:14.017495, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/sec_ctx.c:424(pop_sec_ctx)
pop_sec_ctx (100000500, 100000513) - sec_ctx_stack_ndx = 0
[2014/03/19 16:57:14.017556, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:402(ndr_print_debug)
&r: struct ncacn_packet
rpc_vers : 0x05 (5)
rpc_vers_minor : 0x00 (0)
ptype : DCERPC_PKT_RESPONSE (2)
pfc_flags : 0x03 (3)
1: DCERPC_PFC_FLAG_FIRST
1: DCERPC_PFC_FLAG_LAST
0: DCERPC_PFC_FLAG_PENDING_CANCEL_OR_HDR_SIGNING
0: DCERPC_PFC_FLAG_CONC_MPX
0: DCERPC_PFC_FLAG_DID_NOT_EXECUTE
0: DCERPC_PFC_FLAG_MAYBE
0: DCERPC_PFC_FLAG_OBJECT_UUID
drep: ARRAY(4)
[0] : 0x10 (16)
[1] : 0x00 (0)
[2] : 0x00 (0)
[3] : 0x00 (0)
frag_length : 0x0030 (48)
auth_length : 0x0000 (0)
call_id : 0x00000002 (2)
u : union dcerpc_payload(case 2)
response: struct dcerpc_response
alloc_hint : 0x00000018 (24)
context_id : 0x0000 (0)
cancel_count : 0x00 (0)
_pad : DATA_BLOB length=0
stub_and_verifier : DATA_BLOB length=24
[0000] 00 00 00 00 11 00 00 00 00 00 00 00 29 53 5A BE ........ ....)SZ.
[0010] 88 60 00 00 00 00 00 00 .`......
[2014/03/19 16:57:14.018051, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/rpc_server/rpc_server.c:509(named_pipe_packet_process)
Sending 1 fragments in a total of 24 bytes
[2014/03/19 16:57:14.018110, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/rpc_server/rpc_server.c:514(named_pipe_packet_process)
Sending PDU number: 0, PDU Length: 48
[2014/03/19 16:57:14.018191, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1459(smbd_smb2_request_pending_timer)
smbd_smb2_request_pending_queue: opcode[SMB2_OP_IOCTL] mid 6 going async
[2014/03/19 16:57:14.018245, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:893(smb2_set_operation_credit)
smb2_set_operation_credit: requested 1, charge 1, granted 1, current possible/max 482/512, total granted/max/low/range 31/8192/7/31
[2014/03/19 16:57:14.018279, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1554(smbd_smb2_request_pending_timer)
state->vector[0/5].iov_len = 4
state->vector[1/5].iov_len = 0
state->vector[2/5].iov_len = 64
state->vector[3/5].iov_len = 8
state->vector[4/5].iov_len = 1
[2014/03/19 16:57:14.018475, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe_hnd.c:417(np_read_recv)
Received 48 bytes. There is no more data outstanding
[2014/03/19 16:57:14.018514, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl_named_pipe.c:169(smbd_smb2_ioctl_pipe_read_done)
smbd_smb2_ioctl_pipe_read_done: np_read_recv nread = 48 is_data_outstanding = 0, status = NT_STATUS_OK
[2014/03/19 16:57:14.018563, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl.c:291(smbd_smb2_request_ioctl_done)
smbd_smb2_request_ioctl_done: smbd_smb2_ioctl_recv returned 48 status NT_STATUS_OK
[2014/03/19 16:57:14.018597, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:2548(smbd_smb2_request_done_ex)
smbd_smb2_request_done_ex: idx[1] status[NT_STATUS_OK] body[48] dyn[yes:48] at ../source3/smbd/smb2_ioctl.c:358
[2014/03/19 16:57:14.018642, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:893(smb2_set_operation_credit)
smb2_set_operation_credit: requested 1, charge 1, granted 0, current possible/max 481/512, total granted/max/low/range 31/8192/7/31
[2014/03/19 16:57:14.019297, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:3312(smbd_smb2_io_handler)
smbd_smb2_request idx[1] of 5 vectors
[2014/03/19 16:57:14.019352, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:640(smb2_validate_sequence_number)
smb2_validate_sequence_number: clearing id 7 (position 7) from bitmap
[2014/03/19 16:57:14.019386, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1923(smbd_smb2_request_dispatch)
smbd_smb2_request_dispatch: opcode[SMB2_OP_IOCTL] mid = 7
[2014/03/19 16:57:14.019433, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/uid.c:384(change_to_user)
Skipping user change - already user
[2014/03/19 16:57:14.019468, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1825(smbd_smb2_request_verify_creditcharge)
mid 7, CreditCharge: 1, NeededCharge: 1
[2014/03/19 16:57:14.019513, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl.c:394(smbd_smb2_ioctl_send)
smbd_smb2_ioctl: ctl_code[0x0011c017] spoolss, fnum 4045892411
[2014/03/19 16:57:14.019547, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl_named_pipe.c:61(smb2_ioctl_named_pipe)
smbd_smb2_ioctl_send: np_write_send of size 88
[2014/03/19 16:57:14.019590, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe_hnd.c:172(np_write_send)
np_write_send: len: 88
smbd_smb2_request_pending_queue: req->current_idx = 1
req->in.vector[0].iov_len = 0
req->in.vector[1].iov_len = 0
req->in.vector[2].iov_len = 64
req->in.vector[3].iov_len = 56
req->in.vector[4].iov_len = 88
req->out.vector[0].iov_len = 4
req->out.vector[1].iov_len = 0
req->out.vector[2].iov_len = 64
req->out.vector[3].iov_len = 8
req->out.vector[4].iov_len = 0
[2014/03/19 16:57:14.019781, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl_named_pipe.c:119(smbd_smb2_ioctl_pipe_write_done)
smbd_smb2_ioctl_pipe_write_done: received 88
[2014/03/19 16:57:14.019828, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl_named_pipe.c:140(smbd_smb2_ioctl_pipe_write_done)
smbd_smb2_ioctl_pipe_write_done: issuing np_read_send of size 1024
[2014/03/19 16:57:14.019920, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/rpc_server/rpc_server.c:441(named_pipe_packet_process)
PDU is in Little Endian format!
[2014/03/19 16:57:14.019972, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1564(process_complete_pdu)
Processing packet type 0
[2014/03/19 16:57:14.020051, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1439(dcesrv_auth_request)
Checking request auth.
[2014/03/19 16:57:14.020108, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/sec_ctx.c:216(push_sec_ctx)
push_sec_ctx(100000500, 100000513) : sec_ctx_stack_ndx = 1
[2014/03/19 16:57:14.020145, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/sec_ctx.c:316(set_sec_ctx)
setting sec ctx (100000500, 100000513) - sec_ctx_stack_ndx = 1
[2014/03/19 16:57:14.020191, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../libcli/security/security_token.c:63(security_token_debug)
Security token SIDs (21):
SID[ 0]: S-1-5-21-2999458101-3634337955-1355572417-500
SID[ 1]: S-1-5-21-2999458101-3634337955-1355572417-513
SID[ 2]: S-1-5-21-2999458101-3634337955-1355572417-520
SID[ 3]: S-1-5-21-2999458101-3634337955-1355572417-512
SID[ 4]: S-1-18-1
SID[ 5]: S-1-1-0
SID[ 6]: S-1-5-2
SID[ 7]: S-1-5-11
SID[ 8]: S-1-5-32-545
SID[ 9]: S-1-5-32-544
SID[ 10]: S-1-22-1-100000500
SID[ 11]: S-1-22-2-100000500
SID[ 12]: S-1-22-2-100000513
SID[ 13]: S-1-22-2-100000520
SID[ 14]: S-1-22-2-100000512
SID[ 15]: S-1-22-2-1000008
SID[ 16]: S-1-22-2-1000002
SID[ 17]: S-1-22-2-1000003
SID[ 18]: S-1-22-2-1000009
SID[ 19]: S-1-22-2-1000001
SID[ 20]: S-1-22-2-1000000
Privileges (0x 1FFFFFF0):
Privilege[ 0]: SeMachineAccountPrivilege
Privilege[ 1]: SeTakeOwnershipPrivilege
Privilege[ 2]: SeBackupPrivilege
Privilege[ 3]: SeRestorePrivilege
Privilege[ 4]: SeRemoteShutdownPrivilege
Privilege[ 5]: SePrintOperatorPrivilege
Privilege[ 6]: SeAddUsersPrivilege
Privilege[ 7]: SeDiskOperatorPrivilege
Privilege[ 8]: SeSecurityPrivilege
Privilege[ 9]: SeSystemtimePrivilege
Privilege[ 10]: SeShutdownPrivilege
Privilege[ 11]: SeDebugPrivilege
Privilege[ 12]: SeSystemEnvironmentPrivilege
Privilege[ 13]: SeSystemProfilePrivilege
Privilege[ 14]: SeProfileSingleProcessPrivilege
Privilege[ 15]: SeIncreaseBasePriorityPrivilege
Privilege[ 16]: SeLoadDriverPrivilege
Privilege[ 17]: SeCreatePagefilePrivilege
Privilege[ 18]: SeIncreaseQuotaPrivilege
Privilege[ 19]: SeChangeNotifyPrivilege
Privilege[ 20]: SeUndockPrivilege
Privilege[ 21]: SeManageVolumePrivilege
Privilege[ 22]: SeImpersonatePrivilege
Privilege[ 23]: SeCreateGlobalPrivilege
Privilege[ 24]: SeEnableDelegationPrivilege
Rights (0x 0):
[2014/03/19 16:57:14.020793, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/auth/token_util.c:528(debug_unix_user_token)
UNIX token of user 100000500
Primary group is 100000513 and contains 10 supplementary groups
Group[ 0]: 100000500
Group[ 1]: 100000513
Group[ 2]: 100000520
Group[ 3]: 100000512
Group[ 4]: 1000008
Group[ 5]: 1000002
Group[ 6]: 1000003
Group[ 7]: 1000009
Group[ 8]: 1000001
Group[ 9]: 1000000
[2014/03/19 16:57:14.021084, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/uid.c:452(smbd_become_authenticated_pipe_user)
Impersonated user: uid=(100000500,100000500), gid=(0,100000513)
[2014/03/19 16:57:14.021141, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1292(api_pipe_request)
Requested spoolss rpc service
[2014/03/19 16:57:14.021176, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1317(api_rpcTNP)
api_rpcTNP: spoolss op 0x1a - api_rpcTNP: rpc command: SPOOLSS_GETPRINTERDATA
[2014/03/19 16:57:14.021225, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1357(api_rpcTNP)
api_rpc_cmds[26].fn == 0x7f5de30310d9
[2014/03/19 16:57:14.021268, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug)
spoolss_GetPrinterData: struct spoolss_GetPrinterData
in: struct spoolss_GetPrinterData
handle : *
handle: struct policy_handle
handle_type : 0x00000000 (0)
uuid : 00000011-0000-0000-2953-5abe88600000
value_name : 'Architecture'
offered : 0x00000208 (520)
[2014/03/19 16:57:14.021417, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal)
Found policy hnd[0] [0000] 00 00 00 00 11 00 00 00 00 00 00 00 29 53 5A BE ........ ....)SZ.
[0010] 88 60 00 00 .`..
[2014/03/19 16:57:14.021486, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/spoolss/srv_spoolss_nt.c:9502(_spoolss_GetPrinterDataEx)
_spoolss_GetPrinterDataEx
[2014/03/19 16:57:14.021532, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/spoolss/srv_spoolss_nt.c:9505(_spoolss_GetPrinterDataEx)
_spoolss_GetPrinterDataEx: key => [PrinterDriverData], value => [Architecture]
[2014/03/19 16:57:14.021564, 8, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/spoolss/srv_spoolss_nt.c:2282(getprinterdata_printer_server)
getprinterdata_printer_server:Architecture
[2014/03/19 16:57:14.021642, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug)
spoolss_GetPrinterData: struct spoolss_GetPrinterData
out: struct spoolss_GetPrinterData
type : *
type : REG_SZ (1)
data : *
data: ARRAY(520)
[0] : 0x57 (87)
[1] : 0x00 (0)
[2] : 0x69 (105)
[3] : 0x00 (0)
[4] : 0x6e (110)
[5] : 0x00 (0)
[6] : 0x64 (100)
[7] : 0x00 (0)
[8] : 0x6f (111)
[9] : 0x00 (0)
[10] : 0x77 (119)
[11] : 0x00 (0)
[12] : 0x73 (115)
[13] : 0x00 (0)
[14] : 0x20 (32)
[15] : 0x00 (0)
[16] : 0x4e (78)
[17] : 0x00 (0)
[18] : 0x54 (84)
[19] : 0x00 (0)
[20] : 0x20 (32)
[21] : 0x00 (0)
[22] : 0x78 (120)
[23] : 0x00 (0)
[24] : 0x38 (56)
[25] : 0x00 (0)
[26] : 0x36 (54)
[27] : 0x00 (0)
[28] : 0x00 (0)
[29] : 0x00 (0)
[30] : 0x00 (0)
[31] : 0x00 (0)
[32] : 0x00 (0)
[33] : 0x00 (0)
[34] : 0x00 (0)
[35] : 0x00 (0)
[36] : 0x00 (0)
[37] : 0x00 (0)
[38] : 0x00 (0)
[39] : 0x00 (0)
[40] : 0x00 (0)
[41] : 0x00 (0)
[42] : 0x00 (0)
[43] : 0x00 (0)
[44] : 0x00 (0)
[45] : 0x00 (0)
[46] : 0x00 (0)
[47] : 0x00 (0)
[48] : 0x00 (0)
[49] : 0x00 (0)
[50] : 0x00 (0)
[51] : 0x00 (0)
[52] : 0x00 (0)
[53] : 0x00 (0)
[54] : 0x00 (0)
[55] : 0x00 (0)
[56] : 0x00 (0)
[57] : 0x00 (0)
[58] : 0x00 (0)
[59] : 0x00 (0)
[60] : 0x00 (0)
[61] : 0x00 (0)
[62] : 0x00 (0)
[63] : 0x00 (0)
[64] : 0x00 (0)
[65] : 0x00 (0)
[66] : 0x00 (0)
[67] : 0x00 (0)
[68] : 0x00 (0)
[69] : 0x00 (0)
[70] : 0x00 (0)
[71] : 0x00 (0)
[72] : 0x00 (0)
[73] : 0x00 (0)
[74] : 0x00 (0)
[75] : 0x00 (0)
[76] : 0x00 (0)
[77] : 0x00 (0)
[78] : 0x00 (0)
[79] : 0x00 (0)
[80] : 0x00 (0)
[81] : 0x00 (0)
[82] : 0x00 (0)
[83] : 0x00 (0)
[84] : 0x00 (0)
[85] : 0x00 (0)
[86] : 0x00 (0)
[87] : 0x00 (0)
[88] : 0x00 (0)
[89] : 0x00 (0)
[90] : 0x00 (0)
[91] : 0x00 (0)
[92] : 0x00 (0)
[93] : 0x00 (0)
[94] : 0x00 (0)
[95] : 0x00 (0)
[96] : 0x00 (0)
[97] : 0x00 (0)
[98] : 0x00 (0)
[99] : 0x00 (0)
[100] : 0x00 (0)
[101] : 0x00 (0)
[102] : 0x00 (0)
[103] : 0x00 (0)
[104] : 0x00 (0)
[105] : 0x00 (0)
[106] : 0x00 (0)
[107] : 0x00 (0)
[108] : 0x00 (0)
[109] : 0x00 (0)
[110] : 0x00 (0)
[111] : 0x00 (0)
[112] : 0x00 (0)
[113] : 0x00 (0)
[114] : 0x00 (0)
[115] : 0x00 (0)
[116] : 0x00 (0)
[117] : 0x00 (0)
[118] : 0x00 (0)
[119] : 0x00 (0)
[120] : 0x00 (0)
[121] : 0x00 (0)
[122] : 0x00 (0)
[123] : 0x00 (0)
[124] : 0x00 (0)
[125] : 0x00 (0)
[126] : 0x00 (0)
[127] : 0x00 (0)
[128] : 0x00 (0)
[129] : 0x00 (0)
[130] : 0x00 (0)
[131] : 0x00 (0)
[132] : 0x00 (0)
[133] : 0x00 (0)
[134] : 0x00 (0)
[135] : 0x00 (0)
[136] : 0x00 (0)
[137] : 0x00 (0)
[138] : 0x00 (0)
[139] : 0x00 (0)
[140] : 0x00 (0)
[141] : 0x00 (0)
[142] : 0x00 (0)
[143] : 0x00 (0)
[144] : 0x00 (0)
[145] : 0x00 (0)
[146] : 0x00 (0)
[147] : 0x00 (0)
[148] : 0x00 (0)
[149] : 0x00 (0)
[150] : 0x00 (0)
[151] : 0x00 (0)
[152] : 0x00 (0)
[153] : 0x00 (0)
[154] : 0x00 (0)
[155] : 0x00 (0)
[156] : 0x00 (0)
[157] : 0x00 (0)
[158] : 0x00 (0)
[159] : 0x00 (0)
[160] : 0x00 (0)
[161] : 0x00 (0)
[162] : 0x00 (0)
[163] : 0x00 (0)
[164] : 0x00 (0)
[165] : 0x00 (0)
[166] : 0x00 (0)
[167] : 0x00 (0)
[168] : 0x00 (0)
[169] : 0x00 (0)
[170] : 0x00 (0)
[171] : 0x00 (0)
[172] : 0x00 (0)
[173] : 0x00 (0)
[174] : 0x00 (0)
[175] : 0x00 (0)
[176] : 0x00 (0)
[177] : 0x00 (0)
[178] : 0x00 (0)
[179] : 0x00 (0)
[180] : 0x00 (0)
[181] : 0x00 (0)
[182] : 0x00 (0)
[183] : 0x00 (0)
[184] : 0x00 (0)
[185] : 0x00 (0)
[186] : 0x00 (0)
[187] : 0x00 (0)
[188] : 0x00 (0)
[189] : 0x00 (0)
[190] : 0x00 (0)
[191] : 0x00 (0)
[192] : 0x00 (0)
[193] : 0x00 (0)
[194] : 0x00 (0)
[195] : 0x00 (0)
[196] : 0x00 (0)
[197] : 0x00 (0)
[198] : 0x00 (0)
[199] : 0x00 (0)
[200] : 0x00 (0)
[201] : 0x00 (0)
[202] : 0x00 (0)
[203] : 0x00 (0)
[204] : 0x00 (0)
[205] : 0x00 (0)
[206] : 0x00 (0)
[207] : 0x00 (0)
[208] : 0x00 (0)
[209] : 0x00 (0)
[210] : 0x00 (0)
[211] : 0x00 (0)
[212] : 0x00 (0)
[213] : 0x00 (0)
[214] : 0x00 (0)
[215] : 0x00 (0)
[216] : 0x00 (0)
[217] : 0x00 (0)
[218] : 0x00 (0)
[219] : 0x00 (0)
[220] : 0x00 (0)
[221] : 0x00 (0)
[222] : 0x00 (0)
[223] : 0x00 (0)
[224] : 0x00 (0)
[225] : 0x00 (0)
[226] : 0x00 (0)
[227] : 0x00 (0)
[228] : 0x00 (0)
[229] : 0x00 (0)
[230] : 0x00 (0)
[231] : 0x00 (0)
[232] : 0x00 (0)
[233] : 0x00 (0)
[234] : 0x00 (0)
[235] : 0x00 (0)
[236] : 0x00 (0)
[237] : 0x00 (0)
[238] : 0x00 (0)
[239] : 0x00 (0)
[240] : 0x00 (0)
[241] : 0x00 (0)
[242] : 0x00 (0)
[243] : 0x00 (0)
[244] : 0x00 (0)
[245] : 0x00 (0)
[246] : 0x00 (0)
[247] : 0x00 (0)
[248] : 0x00 (0)
[249] : 0x00 (0)
[250] : 0x00 (0)
[251] : 0x00 (0)
[252] : 0x00 (0)
[253] : 0x00 (0)
[254] : 0x00 (0)
[255] : 0x00 (0)
[256] : 0x00 (0)
[257] : 0x00 (0)
[258] : 0x00 (0)
[259] : 0x00 (0)
[260] : 0x00 (0)
[261] : 0x00 (0)
[262] : 0x00 (0)
[263] : 0x00 (0)
[264] : 0x00 (0)
[265] : 0x00 (0)
[266] : 0x00 (0)
[267] : 0x00 (0)
[268] : 0x00 (0)
[269] : 0x00 (0)
[270] : 0x00 (0)
[271] : 0x00 (0)
[272] : 0x00 (0)
[273] : 0x00 (0)
[274] : 0x00 (0)
[275] : 0x00 (0)
[276] : 0x00 (0)
[277] : 0x00 (0)
[278] : 0x00 (0)
[279] : 0x00 (0)
[280] : 0x00 (0)
[281] : 0x00 (0)
[282] : 0x00 (0)
[283] : 0x00 (0)
[284] : 0x00 (0)
[285] : 0x00 (0)
[286] : 0x00 (0)
[287] : 0x00 (0)
[288] : 0x00 (0)
[289] : 0x00 (0)
[290] : 0x00 (0)
[291] : 0x00 (0)
[292] : 0x00 (0)
[293] : 0x00 (0)
[294] : 0x00 (0)
[295] : 0x00 (0)
[296] : 0x00 (0)
[297] : 0x00 (0)
[298] : 0x00 (0)
[299] : 0x00 (0)
[300] : 0x00 (0)
[301] : 0x00 (0)
[302] : 0x00 (0)
[303] : 0x00 (0)
[304] : 0x00 (0)
[305] : 0x00 (0)
[306] : 0x00 (0)
[307] : 0x00 (0)
[308] : 0x00 (0)
[309] : 0x00 (0)
[310] : 0x00 (0)
[311] : 0x00 (0)
[312] : 0x00 (0)
[313] : 0x00 (0)
[314] : 0x00 (0)
[315] : 0x00 (0)
[316] : 0x00 (0)
[317] : 0x00 (0)
[318] : 0x00 (0)
[319] : 0x00 (0)
[320] : 0x00 (0)
[321] : 0x00 (0)
[322] : 0x00 (0)
[323] : 0x00 (0)
[324] : 0x00 (0)
[325] : 0x00 (0)
[326] : 0x00 (0)
[327] : 0x00 (0)
[328] : 0x00 (0)
[329] : 0x00 (0)
[330] : 0x00 (0)
[331] : 0x00 (0)
[332] : 0x00 (0)
[333] : 0x00 (0)
[334] : 0x00 (0)
[335] : 0x00 (0)
[336] : 0x00 (0)
[337] : 0x00 (0)
[338] : 0x00 (0)
[339] : 0x00 (0)
[340] : 0x00 (0)
[341] : 0x00 (0)
[342] : 0x00 (0)
[343] : 0x00 (0)
[344] : 0x00 (0)
[345] : 0x00 (0)
[346] : 0x00 (0)
[347] : 0x00 (0)
[348] : 0x00 (0)
[349] : 0x00 (0)
[350] : 0x00 (0)
[351] : 0x00 (0)
[352] : 0x00 (0)
[353] : 0x00 (0)
[354] : 0x00 (0)
[355] : 0x00 (0)
[356] : 0x00 (0)
[357] : 0x00 (0)
[358] : 0x00 (0)
[359] : 0x00 (0)
[360] : 0x00 (0)
[361] : 0x00 (0)
[362] : 0x00 (0)
[363] : 0x00 (0)
[364] : 0x00 (0)
[365] : 0x00 (0)
[366] : 0x00 (0)
[367] : 0x00 (0)
[368] : 0x00 (0)
[369] : 0x00 (0)
[370] : 0x00 (0)
[371] : 0x00 (0)
[372] : 0x00 (0)
[373] : 0x00 (0)
[374] : 0x00 (0)
[375] : 0x00 (0)
[376] : 0x00 (0)
[377] : 0x00 (0)
[378] : 0x00 (0)
[379] : 0x00 (0)
[380] : 0x00 (0)
[381] : 0x00 (0)
[382] : 0x00 (0)
[383] : 0x00 (0)
[384] : 0x00 (0)
[385] : 0x00 (0)
[386] : 0x00 (0)
[387] : 0x00 (0)
[388] : 0x00 (0)
[389] : 0x00 (0)
[390] : 0x00 (0)
[391] : 0x00 (0)
[392] : 0x00 (0)
[393] : 0x00 (0)
[394] : 0x00 (0)
[395] : 0x00 (0)
[396] : 0x00 (0)
[397] : 0x00 (0)
[398] : 0x00 (0)
[399] : 0x00 (0)
[400] : 0x00 (0)
[401] : 0x00 (0)
[402] : 0x00 (0)
[403] : 0x00 (0)
[404] : 0x00 (0)
[405] : 0x00 (0)
[406] : 0x00 (0)
[407] : 0x00 (0)
[408] : 0x00 (0)
[409] : 0x00 (0)
[410] : 0x00 (0)
[411] : 0x00 (0)
[412] : 0x00 (0)
[413] : 0x00 (0)
[414] : 0x00 (0)
[415] : 0x00 (0)
[416] : 0x00 (0)
[417] : 0x00 (0)
[418] : 0x00 (0)
[419] : 0x00 (0)
[420] : 0x00 (0)
[421] : 0x00 (0)
[422] : 0x00 (0)
[423] : 0x00 (0)
[424] : 0x00 (0)
[425] : 0x00 (0)
[426] : 0x00 (0)
[427] : 0x00 (0)
[428] : 0x00 (0)
[429] : 0x00 (0)
[430] : 0x00 (0)
[431] : 0x00 (0)
[432] : 0x00 (0)
[433] : 0x00 (0)
[434] : 0x00 (0)
[435] : 0x00 (0)
[436] : 0x00 (0)
[437] : 0x00 (0)
[438] : 0x00 (0)
[439] : 0x00 (0)
[440] : 0x00 (0)
[441] : 0x00 (0)
[442] : 0x00 (0)
[443] : 0x00 (0)
[444] : 0x00 (0)
[445] : 0x00 (0)
[446] : 0x00 (0)
[447] : 0x00 (0)
[448] : 0x00 (0)
[449] : 0x00 (0)
[450] : 0x00 (0)
[451] : 0x00 (0)
[452] : 0x00 (0)
[453] : 0x00 (0)
[454] : 0x00 (0)
[455] : 0x00 (0)
[456] : 0x00 (0)
[457] : 0x00 (0)
[458] : 0x00 (0)
[459] : 0x00 (0)
[460] : 0x00 (0)
[461] : 0x00 (0)
[462] : 0x00 (0)
[463] : 0x00 (0)
[464] : 0x00 (0)
[465] : 0x00 (0)
[466] : 0x00 (0)
[467] : 0x00 (0)
[468] : 0x00 (0)
[469] : 0x00 (0)
[470] : 0x00 (0)
[471] : 0x00 (0)
[472] : 0x00 (0)
[473] : 0x00 (0)
[474] : 0x00 (0)
[475] : 0x00 (0)
[476] : 0x00 (0)
[477] : 0x00 (0)
[478] : 0x00 (0)
[479] : 0x00 (0)
[480] : 0x00 (0)
[481] : 0x00 (0)
[482] : 0x00 (0)
[483] : 0x00 (0)
[484] : 0x00 (0)
[485] : 0x00 (0)
[486] : 0x00 (0)
[487] : 0x00 (0)
[488] : 0x00 (0)
[489] : 0x00 (0)
[490] : 0x00 (0)
[491] : 0x00 (0)
[492] : 0x00 (0)
[493] : 0x00 (0)
[494] : 0x00 (0)
[495] : 0x00 (0)
[496] : 0x00 (0)
[497] : 0x00 (0)
[498] : 0x00 (0)
[499] : 0x00 (0)
[500] : 0x00 (0)
[501] : 0x00 (0)
[502] : 0x00 (0)
[503] : 0x00 (0)
[504] : 0x00 (0)
[505] : 0x00 (0)
[506] : 0x00 (0)
[507] : 0x00 (0)
[508] : 0x00 (0)
[509] : 0x00 (0)
[510] : 0x00 (0)
[511] : 0x00 (0)
[512] : 0x00 (0)
[513] : 0x00 (0)
[514] : 0x00 (0)
[515] : 0x00 (0)
[516] : 0x00 (0)
[517] : 0x00 (0)
[518] : 0x00 (0)
[519] : 0x00 (0)
needed : *
needed : 0x0000001e (30)
result : WERR_OK
[2014/03/19 16:57:14.029928, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1384(api_rpcTNP)
api_rpcTNP: called spoolss successfully
[2014/03/19 16:57:14.030058, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/sec_ctx.c:424(pop_sec_ctx)
pop_sec_ctx (100000500, 100000513) - sec_ctx_stack_ndx = 0
[2014/03/19 16:57:14.030093, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:402(ndr_print_debug)
&r: struct ncacn_packet
rpc_vers : 0x05 (5)
rpc_vers_minor : 0x00 (0)
ptype : DCERPC_PKT_RESPONSE (2)
pfc_flags : 0x03 (3)
1: DCERPC_PFC_FLAG_FIRST
1: DCERPC_PFC_FLAG_LAST
0: DCERPC_PFC_FLAG_PENDING_CANCEL_OR_HDR_SIGNING
0: DCERPC_PFC_FLAG_CONC_MPX
0: DCERPC_PFC_FLAG_DID_NOT_EXECUTE
0: DCERPC_PFC_FLAG_MAYBE
0: DCERPC_PFC_FLAG_OBJECT_UUID
drep: ARRAY(4)
[0] : 0x10 (16)
[1] : 0x00 (0)
[2] : 0x00 (0)
[3] : 0x00 (0)
frag_length : 0x0230 (560)
auth_length : 0x0000 (0)
call_id : 0x00000003 (3)
u : union dcerpc_payload(case 2)
response: struct dcerpc_response
alloc_hint : 0x00000218 (536)
context_id : 0x0000 (0)
cancel_count : 0x00 (0)
_pad : DATA_BLOB length=0
stub_and_verifier : DATA_BLOB length=536
[0000] 01 00 00 00 08 02 00 00 57 00 69 00 6E 00 64 00 ........ W.i.n.d.
[0010] 6F 00 77 00 73 00 20 00 4E 00 54 00 20 00 78 00 o.w.s. . N.T. .x.
[0020] 38 00 36 00 00 00 00 00 00 00 00 00 00 00 00 00 8.6..... ........
[0030] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0040] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0050] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0060] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0070] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0080] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0090] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[00A0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[00B0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[00C0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[00D0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[00E0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[00F0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0100] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0110] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0120] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0130] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0140] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0150] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0160] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0170] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0180] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0190] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[01A0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[01B0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[01C0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[01D0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[01E0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[01F0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0200] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0210] 1E 00 00 00 00 00 00 00 ........
[2014/03/19 16:57:14.031210, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/rpc_server/rpc_server.c:509(named_pipe_packet_process)
Sending 1 fragments in a total of 536 bytes
[2014/03/19 16:57:14.031259, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/rpc_server/rpc_server.c:514(named_pipe_packet_process)
Sending PDU number: 0, PDU Length: 560
[2014/03/19 16:57:14.031315, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1459(smbd_smb2_request_pending_timer)
smbd_smb2_request_pending_queue: opcode[SMB2_OP_IOCTL] mid 7 going async
[2014/03/19 16:57:14.031356, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:893(smb2_set_operation_credit)
smb2_set_operation_credit: requested 1, charge 1, granted 1, current possible/max 482/512, total granted/max/low/range 31/8192/8/31
[2014/03/19 16:57:14.031384, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1554(smbd_smb2_request_pending_timer)
state->vector[0/5].iov_len = 4
state->vector[1/5].iov_len = 0
state->vector[2/5].iov_len = 64
state->vector[3/5].iov_len = 8
state->vector[4/5].iov_len = 1
[2014/03/19 16:57:14.031546, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe_hnd.c:417(np_read_recv)
Received 560 bytes. There is no more data outstanding
[2014/03/19 16:57:14.031589, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl_named_pipe.c:169(smbd_smb2_ioctl_pipe_read_done)
smbd_smb2_ioctl_pipe_read_done: np_read_recv nread = 560 is_data_outstanding = 0, status = NT_STATUS_OK
[2014/03/19 16:57:14.031618, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl.c:291(smbd_smb2_request_ioctl_done)
smbd_smb2_request_ioctl_done: smbd_smb2_ioctl_recv returned 560 status NT_STATUS_OK
[2014/03/19 16:57:14.031662, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:2548(smbd_smb2_request_done_ex)
smbd_smb2_request_done_ex: idx[1] status[NT_STATUS_OK] body[48] dyn[yes:560] at ../source3/smbd/smb2_ioctl.c:358
[2014/03/19 16:57:14.031712, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:893(smb2_set_operation_credit)
smb2_set_operation_credit: requested 1, charge 1, granted 0, current possible/max 481/512, total granted/max/low/range 31/8192/8/31
[2014/03/19 16:57:14.032111, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:3312(smbd_smb2_io_handler)
smbd_smb2_request idx[1] of 5 vectors
[2014/03/19 16:57:14.032160, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:640(smb2_validate_sequence_number)
smb2_validate_sequence_number: clearing id 8 (position 8) from bitmap
[2014/03/19 16:57:14.032191, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1923(smbd_smb2_request_dispatch)
smbd_smb2_request_dispatch: opcode[SMB2_OP_IOCTL] mid = 8
[2014/03/19 16:57:14.032230, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/uid.c:384(change_to_user)
Skipping user change - already user
[2014/03/19 16:57:14.032261, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1825(smbd_smb2_request_verify_creditcharge)
mid 8, CreditCharge: 1, NeededCharge: 1
[2014/03/19 16:57:14.032298, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl.c:394(smbd_smb2_ioctl_send)
smbd_smb2_ioctl: ctl_code[0x0011c017] spoolss, fnum 4045892411
[2014/03/19 16:57:14.032337, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl_named_pipe.c:61(smb2_ioctl_named_pipe)
smbd_smb2_ioctl_send: np_write_send of size 88
[2014/03/19 16:57:14.032365, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe_hnd.c:172(np_write_send)
np_write_send: len: 88
smbd_smb2_request_pending_queue: req->current_idx = 1
req->in.vector[0].iov_len = 0
req->in.vector[1].iov_len = 0
req->in.vector[2].iov_len = 64
req->in.vector[3].iov_len = 56
req->in.vector[4].iov_len = 88
req->out.vector[0].iov_len = 4
req->out.vector[1].iov_len = 0
req->out.vector[2].iov_len = 64
req->out.vector[3].iov_len = 8
req->out.vector[4].iov_len = 0
[2014/03/19 16:57:14.032532, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl_named_pipe.c:119(smbd_smb2_ioctl_pipe_write_done)
smbd_smb2_ioctl_pipe_write_done: received 88
[2014/03/19 16:57:14.032572, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl_named_pipe.c:140(smbd_smb2_ioctl_pipe_write_done)
smbd_smb2_ioctl_pipe_write_done: issuing np_read_send of size 1024
[2014/03/19 16:57:14.032655, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/rpc_server/rpc_server.c:441(named_pipe_packet_process)
PDU is in Little Endian format!
[2014/03/19 16:57:14.032698, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1564(process_complete_pdu)
Processing packet type 0
[2014/03/19 16:57:14.032725, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1439(dcesrv_auth_request)
Checking request auth.
[2014/03/19 16:57:14.032765, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/sec_ctx.c:216(push_sec_ctx)
push_sec_ctx(100000500, 100000513) : sec_ctx_stack_ndx = 1
[2014/03/19 16:57:14.032803, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/sec_ctx.c:316(set_sec_ctx)
setting sec ctx (100000500, 100000513) - sec_ctx_stack_ndx = 1
[2014/03/19 16:57:14.032833, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../libcli/security/security_token.c:63(security_token_debug)
Security token SIDs (21):
SID[ 0]: S-1-5-21-2999458101-3634337955-1355572417-500
SID[ 1]: S-1-5-21-2999458101-3634337955-1355572417-513
SID[ 2]: S-1-5-21-2999458101-3634337955-1355572417-520
SID[ 3]: S-1-5-21-2999458101-3634337955-1355572417-512
SID[ 4]: S-1-18-1
SID[ 5]: S-1-1-0
SID[ 6]: S-1-5-2
SID[ 7]: S-1-5-11
SID[ 8]: S-1-5-32-545
SID[ 9]: S-1-5-32-544
SID[ 10]: S-1-22-1-100000500
SID[ 11]: S-1-22-2-100000500
SID[ 12]: S-1-22-2-100000513
SID[ 13]: S-1-22-2-100000520
SID[ 14]: S-1-22-2-100000512
SID[ 15]: S-1-22-2-1000008
SID[ 16]: S-1-22-2-1000002
SID[ 17]: S-1-22-2-1000003
SID[ 18]: S-1-22-2-1000009
SID[ 19]: S-1-22-2-1000001
SID[ 20]: S-1-22-2-1000000
Privileges (0x 1FFFFFF0):
Privilege[ 0]: SeMachineAccountPrivilege
Privilege[ 1]: SeTakeOwnershipPrivilege
Privilege[ 2]: SeBackupPrivilege
Privilege[ 3]: SeRestorePrivilege
Privilege[ 4]: SeRemoteShutdownPrivilege
Privilege[ 5]: SePrintOperatorPrivilege
Privilege[ 6]: SeAddUsersPrivilege
Privilege[ 7]: SeDiskOperatorPrivilege
Privilege[ 8]: SeSecurityPrivilege
Privilege[ 9]: SeSystemtimePrivilege
Privilege[ 10]: SeShutdownPrivilege
Privilege[ 11]: SeDebugPrivilege
Privilege[ 12]: SeSystemEnvironmentPrivilege
Privilege[ 13]: SeSystemProfilePrivilege
Privilege[ 14]: SeProfileSingleProcessPrivilege
Privilege[ 15]: SeIncreaseBasePriorityPrivilege
Privilege[ 16]: SeLoadDriverPrivilege
Privilege[ 17]: SeCreatePagefilePrivilege
Privilege[ 18]: SeIncreaseQuotaPrivilege
Privilege[ 19]: SeChangeNotifyPrivilege
Privilege[ 20]: SeUndockPrivilege
Privilege[ 21]: SeManageVolumePrivilege
Privilege[ 22]: SeImpersonatePrivilege
Privilege[ 23]: SeCreateGlobalPrivilege
Privilege[ 24]: SeEnableDelegationPrivilege
Rights (0x 0):
[2014/03/19 16:57:14.033489, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/auth/token_util.c:528(debug_unix_user_token)
UNIX token of user 100000500
Primary group is 100000513 and contains 10 supplementary groups
Group[ 0]: 100000500
Group[ 1]: 100000513
Group[ 2]: 100000520
Group[ 3]: 100000512
Group[ 4]: 1000008
Group[ 5]: 1000002
Group[ 6]: 1000003
Group[ 7]: 1000009
Group[ 8]: 1000001
Group[ 9]: 1000000
[2014/03/19 16:57:14.033650, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/uid.c:452(smbd_become_authenticated_pipe_user)
Impersonated user: uid=(100000500,100000500), gid=(0,100000513)
[2014/03/19 16:57:14.033681, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1292(api_pipe_request)
Requested spoolss rpc service
[2014/03/19 16:57:14.033719, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1317(api_rpcTNP)
api_rpcTNP: spoolss op 0x1a - api_rpcTNP: rpc command: SPOOLSS_GETPRINTERDATA
[2014/03/19 16:57:14.033759, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1357(api_rpcTNP)
api_rpc_cmds[26].fn == 0x7f5de30310d9
[2014/03/19 16:57:14.033791, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug)
spoolss_GetPrinterData: struct spoolss_GetPrinterData
in: struct spoolss_GetPrinterData
handle : *
handle: struct policy_handle
handle_type : 0x00000000 (0)
uuid : 00000011-0000-0000-2953-5abe88600000
value_name : 'MajorVersion'
offered : 0x00000004 (4)
[2014/03/19 16:57:14.033910, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal)
Found policy hnd[0] [0000] 00 00 00 00 11 00 00 00 00 00 00 00 29 53 5A BE ........ ....)SZ.
[0010] 88 60 00 00 .`..
[2014/03/19 16:57:14.033967, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/spoolss/srv_spoolss_nt.c:9502(_spoolss_GetPrinterDataEx)
_spoolss_GetPrinterDataEx
[2014/03/19 16:57:14.034060, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/spoolss/srv_spoolss_nt.c:9505(_spoolss_GetPrinterDataEx)
_spoolss_GetPrinterDataEx: key => [PrinterDriverData], value => [MajorVersion]
[2014/03/19 16:57:14.034095, 8, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/spoolss/srv_spoolss_nt.c:2282(getprinterdata_printer_server)
getprinterdata_printer_server:MajorVersion
[2014/03/19 16:57:14.034128, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug)
spoolss_GetPrinterData: struct spoolss_GetPrinterData
out: struct spoolss_GetPrinterData
type : *
type : REG_DWORD (4)
data : *
data: ARRAY(4)
[0] : 0x03 (3)
[1] : 0x00 (0)
[2] : 0x00 (0)
[3] : 0x00 (0)
needed : *
needed : 0x00000004 (4)
result : WERR_OK
[2014/03/19 16:57:14.034304, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1384(api_rpcTNP)
api_rpcTNP: called spoolss successfully
[2014/03/19 16:57:14.034349, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/sec_ctx.c:424(pop_sec_ctx)
pop_sec_ctx (100000500, 100000513) - sec_ctx_stack_ndx = 0
[2014/03/19 16:57:14.034383, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:402(ndr_print_debug)
&r: struct ncacn_packet
rpc_vers : 0x05 (5)
rpc_vers_minor : 0x00 (0)
ptype : DCERPC_PKT_RESPONSE (2)
pfc_flags : 0x03 (3)
1: DCERPC_PFC_FLAG_FIRST
1: DCERPC_PFC_FLAG_LAST
0: DCERPC_PFC_FLAG_PENDING_CANCEL_OR_HDR_SIGNING
0: DCERPC_PFC_FLAG_CONC_MPX
0: DCERPC_PFC_FLAG_DID_NOT_EXECUTE
0: DCERPC_PFC_FLAG_MAYBE
0: DCERPC_PFC_FLAG_OBJECT_UUID
drep: ARRAY(4)
[0] : 0x10 (16)
[1] : 0x00 (0)
[2] : 0x00 (0)
[3] : 0x00 (0)
frag_length : 0x002c (44)
auth_length : 0x0000 (0)
call_id : 0x00000004 (4)
u : union dcerpc_payload(case 2)
response: struct dcerpc_response
alloc_hint : 0x00000014 (20)
context_id : 0x0000 (0)
cancel_count : 0x00 (0)
_pad : DATA_BLOB length=0
stub_and_verifier : DATA_BLOB length=20
[0000] 04 00 00 00 04 00 00 00 03 00 00 00 04 00 00 00 ........ ........
[0010] 00 00 00 00 ....
[2014/03/19 16:57:14.035275, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/rpc_server/rpc_server.c:509(named_pipe_packet_process)
Sending 1 fragments in a total of 20 bytes
[2014/03/19 16:57:14.035319, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/rpc_server/rpc_server.c:514(named_pipe_packet_process)
Sending PDU number: 0, PDU Length: 44
[2014/03/19 16:57:14.035378, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1459(smbd_smb2_request_pending_timer)
smbd_smb2_request_pending_queue: opcode[SMB2_OP_IOCTL] mid 8 going async
[2014/03/19 16:57:14.035421, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:893(smb2_set_operation_credit)
smb2_set_operation_credit: requested 1, charge 1, granted 1, current possible/max 482/512, total granted/max/low/range 31/8192/9/31
[2014/03/19 16:57:14.035457, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1554(smbd_smb2_request_pending_timer)
state->vector[0/5].iov_len = 4
state->vector[1/5].iov_len = 0
state->vector[2/5].iov_len = 64
state->vector[3/5].iov_len = 8
state->vector[4/5].iov_len = 1
[2014/03/19 16:57:14.035635, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe_hnd.c:417(np_read_recv)
Received 44 bytes. There is no more data outstanding
[2014/03/19 16:57:14.035682, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl_named_pipe.c:169(smbd_smb2_ioctl_pipe_read_done)
smbd_smb2_ioctl_pipe_read_done: np_read_recv nread = 44 is_data_outstanding = 0, status = NT_STATUS_OK
[2014/03/19 16:57:14.035713, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl.c:291(smbd_smb2_request_ioctl_done)
smbd_smb2_request_ioctl_done: smbd_smb2_ioctl_recv returned 44 status NT_STATUS_OK
[2014/03/19 16:57:14.035752, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:2548(smbd_smb2_request_done_ex)
smbd_smb2_request_done_ex: idx[1] status[NT_STATUS_OK] body[48] dyn[yes:44] at ../source3/smbd/smb2_ioctl.c:358
[2014/03/19 16:57:14.035793, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:893(smb2_set_operation_credit)
smb2_set_operation_credit: requested 1, charge 1, granted 0, current possible/max 481/512, total granted/max/low/range 31/8192/9/31
[2014/03/19 16:57:14.036597, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:3312(smbd_smb2_io_handler)
smbd_smb2_request idx[1] of 5 vectors
[2014/03/19 16:57:14.036641, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:640(smb2_validate_sequence_number)
smb2_validate_sequence_number: clearing id 9 (position 9) from bitmap
[2014/03/19 16:57:14.036671, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1923(smbd_smb2_request_dispatch)
smbd_smb2_request_dispatch: opcode[SMB2_OP_IOCTL] mid = 9
[2014/03/19 16:57:14.036711, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/uid.c:384(change_to_user)
Skipping user change - already user
[2014/03/19 16:57:14.036741, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1825(smbd_smb2_request_verify_creditcharge)
mid 9, CreditCharge: 1, NeededCharge: 1
[2014/03/19 16:57:14.036780, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl.c:394(smbd_smb2_ioctl_send)
smbd_smb2_ioctl: ctl_code[0x0011c017] spoolss, fnum 4045892411
[2014/03/19 16:57:14.036811, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl_named_pipe.c:61(smb2_ioctl_named_pipe)
smbd_smb2_ioctl_send: np_write_send of size 44
[2014/03/19 16:57:14.036864, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe_hnd.c:172(np_write_send)
np_write_send: len: 44
smbd_smb2_request_pending_queue: req->current_idx = 1
req->in.vector[0].iov_len = 0
req->in.vector[1].iov_len = 0
req->in.vector[2].iov_len = 64
req->in.vector[3].iov_len = 56
req->in.vector[4].iov_len = 44
req->out.vector[0].iov_len = 4
req->out.vector[1].iov_len = 0
req->out.vector[2].iov_len = 64
req->out.vector[3].iov_len = 8
req->out.vector[4].iov_len = 0
[2014/03/19 16:57:14.037118, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl_named_pipe.c:119(smbd_smb2_ioctl_pipe_write_done)
smbd_smb2_ioctl_pipe_write_done: received 44
[2014/03/19 16:57:14.037218, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl_named_pipe.c:140(smbd_smb2_ioctl_pipe_write_done)
smbd_smb2_ioctl_pipe_write_done: issuing np_read_send of size 1024
[2014/03/19 16:57:14.037307, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/rpc_server/rpc_server.c:441(named_pipe_packet_process)
PDU is in Little Endian format!
[2014/03/19 16:57:14.037340, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1564(process_complete_pdu)
Processing packet type 0
[2014/03/19 16:57:14.037380, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1439(dcesrv_auth_request)
Checking request auth.
[2014/03/19 16:57:14.037431, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/sec_ctx.c:216(push_sec_ctx)
push_sec_ctx(100000500, 100000513) : sec_ctx_stack_ndx = 1
[2014/03/19 16:57:14.037462, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/sec_ctx.c:316(set_sec_ctx)
setting sec ctx (100000500, 100000513) - sec_ctx_stack_ndx = 1
[2014/03/19 16:57:14.037512, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../libcli/security/security_token.c:63(security_token_debug)
Security token SIDs (21):
SID[ 0]: S-1-5-21-2999458101-3634337955-1355572417-500
SID[ 1]: S-1-5-21-2999458101-3634337955-1355572417-513
SID[ 2]: S-1-5-21-2999458101-3634337955-1355572417-520
SID[ 3]: S-1-5-21-2999458101-3634337955-1355572417-512
SID[ 4]: S-1-18-1
SID[ 5]: S-1-1-0
SID[ 6]: S-1-5-2
SID[ 7]: S-1-5-11
SID[ 8]: S-1-5-32-545
SID[ 9]: S-1-5-32-544
SID[ 10]: S-1-22-1-100000500
SID[ 11]: S-1-22-2-100000500
SID[ 12]: S-1-22-2-100000513
SID[ 13]: S-1-22-2-100000520
SID[ 14]: S-1-22-2-100000512
SID[ 15]: S-1-22-2-1000008
SID[ 16]: S-1-22-2-1000002
SID[ 17]: S-1-22-2-1000003
SID[ 18]: S-1-22-2-1000009
SID[ 19]: S-1-22-2-1000001
SID[ 20]: S-1-22-2-1000000
Privileges (0x 1FFFFFF0):
Privilege[ 0]: SeMachineAccountPrivilege
Privilege[ 1]: SeTakeOwnershipPrivilege
Privilege[ 2]: SeBackupPrivilege
Privilege[ 3]: SeRestorePrivilege
Privilege[ 4]: SeRemoteShutdownPrivilege
Privilege[ 5]: SePrintOperatorPrivilege
Privilege[ 6]: SeAddUsersPrivilege
Privilege[ 7]: SeDiskOperatorPrivilege
Privilege[ 8]: SeSecurityPrivilege
Privilege[ 9]: SeSystemtimePrivilege
Privilege[ 10]: SeShutdownPrivilege
Privilege[ 11]: SeDebugPrivilege
Privilege[ 12]: SeSystemEnvironmentPrivilege
Privilege[ 13]: SeSystemProfilePrivilege
Privilege[ 14]: SeProfileSingleProcessPrivilege
Privilege[ 15]: SeIncreaseBasePriorityPrivilege
Privilege[ 16]: SeLoadDriverPrivilege
Privilege[ 17]: SeCreatePagefilePrivilege
Privilege[ 18]: SeIncreaseQuotaPrivilege
Privilege[ 19]: SeChangeNotifyPrivilege
Privilege[ 20]: SeUndockPrivilege
Privilege[ 21]: SeManageVolumePrivilege
Privilege[ 22]: SeImpersonatePrivilege
Privilege[ 23]: SeCreateGlobalPrivilege
Privilege[ 24]: SeEnableDelegationPrivilege
Rights (0x 0):
[2014/03/19 16:57:14.038155, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/auth/token_util.c:528(debug_unix_user_token)
UNIX token of user 100000500
Primary group is 100000513 and contains 10 supplementary groups
Group[ 0]: 100000500
Group[ 1]: 100000513
Group[ 2]: 100000520
Group[ 3]: 100000512
Group[ 4]: 1000008
Group[ 5]: 1000002
Group[ 6]: 1000003
Group[ 7]: 1000009
Group[ 8]: 1000001
Group[ 9]: 1000000
[2014/03/19 16:57:14.038309, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/uid.c:452(smbd_become_authenticated_pipe_user)
Impersonated user: uid=(100000500,100000500), gid=(0,100000513)
[2014/03/19 16:57:14.038350, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1292(api_pipe_request)
Requested spoolss rpc service
[2014/03/19 16:57:14.038391, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1317(api_rpcTNP)
api_rpcTNP: spoolss op 0x1d - api_rpcTNP: rpc command: SPOOLSS_CLOSEPRINTER
[2014/03/19 16:57:14.038428, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1357(api_rpcTNP)
api_rpc_cmds[29].fn == 0x7f5de30319b4
[2014/03/19 16:57:14.038472, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug)
spoolss_ClosePrinter: struct spoolss_ClosePrinter
in: struct spoolss_ClosePrinter
handle : *
handle: struct policy_handle
handle_type : 0x00000000 (0)
uuid : 00000011-0000-0000-2953-5abe88600000
[2014/03/19 16:57:14.038580, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal)
Found policy hnd[0] [0000] 00 00 00 00 11 00 00 00 00 00 00 00 29 53 5A BE ........ ....)SZ.
[0010] 88 60 00 00 .`..
[2014/03/19 16:57:14.038642, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal)
Found policy hnd[0] [0000] 00 00 00 00 11 00 00 00 00 00 00 00 29 53 5A BE ........ ....)SZ.
[0010] 88 60 00 00 .`..
[2014/03/19 16:57:14.038702, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal)
Found policy hnd[0] [0000] 00 00 00 00 11 00 00 00 00 00 00 00 29 53 5A BE ........ ....)SZ.
[0010] 88 60 00 00 .`..
[2014/03/19 16:57:14.038761, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:388(close_policy_hnd)
Closed policy
[2014/03/19 16:57:14.038795, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug)
spoolss_ClosePrinter: struct spoolss_ClosePrinter
out: struct spoolss_ClosePrinter
handle : *
handle: struct policy_handle
handle_type : 0x00000000 (0)
uuid : 00000000-0000-0000-0000-000000000000
result : WERR_OK
[2014/03/19 16:57:14.038917, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1384(api_rpcTNP)
api_rpcTNP: called spoolss successfully
[2014/03/19 16:57:14.038964, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/sec_ctx.c:424(pop_sec_ctx)
pop_sec_ctx (100000500, 100000513) - sec_ctx_stack_ndx = 0
[2014/03/19 16:57:14.039073, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:402(ndr_print_debug)
&r: struct ncacn_packet
rpc_vers : 0x05 (5)
rpc_vers_minor : 0x00 (0)
ptype : DCERPC_PKT_RESPONSE (2)
pfc_flags : 0x03 (3)
1: DCERPC_PFC_FLAG_FIRST
1: DCERPC_PFC_FLAG_LAST
0: DCERPC_PFC_FLAG_PENDING_CANCEL_OR_HDR_SIGNING
0: DCERPC_PFC_FLAG_CONC_MPX
0: DCERPC_PFC_FLAG_DID_NOT_EXECUTE
0: DCERPC_PFC_FLAG_MAYBE
0: DCERPC_PFC_FLAG_OBJECT_UUID
drep: ARRAY(4)
[0] : 0x10 (16)
[1] : 0x00 (0)
[2] : 0x00 (0)
[3] : 0x00 (0)
frag_length : 0x0030 (48)
auth_length : 0x0000 (0)
call_id : 0x00000005 (5)
u : union dcerpc_payload(case 2)
response: struct dcerpc_response
alloc_hint : 0x00000018 (24)
context_id : 0x0000 (0)
cancel_count : 0x00 (0)
_pad : DATA_BLOB length=0
stub_and_verifier : DATA_BLOB length=24
[0000] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0010] 00 00 00 00 00 00 00 00 ........
[2014/03/19 16:57:14.039475, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/rpc_server/rpc_server.c:509(named_pipe_packet_process)
Sending 1 fragments in a total of 24 bytes
[2014/03/19 16:57:14.039505, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/rpc_server/rpc_server.c:514(named_pipe_packet_process)
Sending PDU number: 0, PDU Length: 48
[2014/03/19 16:57:14.039565, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1459(smbd_smb2_request_pending_timer)
smbd_smb2_request_pending_queue: opcode[SMB2_OP_IOCTL] mid 9 going async
[2014/03/19 16:57:14.039610, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:893(smb2_set_operation_credit)
smb2_set_operation_credit: requested 1, charge 1, granted 1, current possible/max 482/512, total granted/max/low/range 31/8192/10/31
[2014/03/19 16:57:14.039640, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1554(smbd_smb2_request_pending_timer)
state->vector[0/5].iov_len = 4
state->vector[1/5].iov_len = 0
state->vector[2/5].iov_len = 64
state->vector[3/5].iov_len = 8
state->vector[4/5].iov_len = 1
[2014/03/19 16:57:14.039811, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe_hnd.c:417(np_read_recv)
Received 48 bytes. There is no more data outstanding
[2014/03/19 16:57:14.039856, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl_named_pipe.c:169(smbd_smb2_ioctl_pipe_read_done)
smbd_smb2_ioctl_pipe_read_done: np_read_recv nread = 48 is_data_outstanding = 0, status = NT_STATUS_OK
[2014/03/19 16:57:14.039897, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl.c:291(smbd_smb2_request_ioctl_done)
smbd_smb2_request_ioctl_done: smbd_smb2_ioctl_recv returned 48 status NT_STATUS_OK
[2014/03/19 16:57:14.039927, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:2548(smbd_smb2_request_done_ex)
smbd_smb2_request_done_ex: idx[1] status[NT_STATUS_OK] body[48] dyn[yes:48] at ../source3/smbd/smb2_ioctl.c:358
[2014/03/19 16:57:14.039968, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:893(smb2_set_operation_credit)
smb2_set_operation_credit: requested 1, charge 1, granted 0, current possible/max 481/512, total granted/max/low/range 31/8192/10/31
[2014/03/19 16:57:14.040112, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:3312(smbd_smb2_io_handler)
smbd_smb2_request idx[1] of 5 vectors
[2014/03/19 16:57:14.040223, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:640(smb2_validate_sequence_number)
smb2_validate_sequence_number: clearing id 10 (position 10) from bitmap
[2014/03/19 16:57:14.040266, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1923(smbd_smb2_request_dispatch)
smbd_smb2_request_dispatch: opcode[SMB2_OP_CREATE] mid = 10
[2014/03/19 16:57:14.040298, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/uid.c:384(change_to_user)
Skipping user change - already user
[2014/03/19 16:57:14.040341, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_create.c:447(smbd_smb2_create_send)
smbd_smb2_create: name[spoolss]
[2014/03/19 16:57:14.040397, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap.c:178(dbwrap_check_lock_order)
check lock order 1 for /var/lib/samba/smbXsrv_open_global.tdb
[2014/03/19 16:57:14.040436, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order)
lock order: 1:/var/lib/samba/smbXsrv_open_global.tdb 2:<none> 3:<none>
[2014/03/19 16:57:14.040468, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key)
Locking key 996CF2C9
[2014/03/19 16:57:14.040513, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap_tdb.c:143(db_tdb_fetch_locked_internal)
Allocated locked data 0x0x7f5de585f800
[2014/03/19 16:57:14.040570, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smbXsrv_open.c:698(smbXsrv_open_global_store)
smbXsrv_open_global_store: key '996CF2C9' stored
[2014/03/19 16:57:14.040603, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:402(ndr_print_debug)
&global_blob: struct smbXsrv_open_globalB
version : SMBXSRV_VERSION_0 (0)
seqnum : 0x00000001 (1)
info : union smbXsrv_open_globalU(case 0)
info0 : *
info0: struct smbXsrv_open_global0
db_rec : *
server_id: struct server_id
pid : 0x0000000000006088 (24712)
task_id : 0x00000000 (0)
vnn : 0xffffffff (4294967295)
unique_id : 0xbaf687627b33e8dd (-4974639881340589859)
open_global_id : 0x996cf2c9 (2574054089)
open_persistent_id : 0x00000000996cf2c9 (2574054089)
open_volatile_id : 0x00000000f458a3cc (4099449804)
open_owner : S-1-5-21-2999458101-3634337955-1355572417-500
open_time : Wed Mar 19 04:57:14 PM 2014 CET
create_guid : 00000000-0000-0000-0000-000000000000
client_guid : fb516d75-adcf-11e3-a4ab-0800274a4c7e
app_instance_id : 00000000-0000-0000-0000-000000000000
disconnect_time : NTTIME(0)
durable_timeout_msec : 0x00000000 (0)
durable : 0x00 (0)
backend_cookie : DATA_BLOB length=0
[2014/03/19 16:57:14.040961, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key)
Unlocking key 996CF2C9
[2014/03/19 16:57:14.041040, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap.c:146(dbwrap_lock_order_state_destructor)
release lock order 1 for /var/lib/samba/smbXsrv_open_global.tdb
[2014/03/19 16:57:14.041076, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order)
lock order: 1:<none> 2:<none> 3:<none>
[2014/03/19 16:57:14.041116, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smbXsrv_open.c:871(smbXsrv_open_create)
smbXsrv_open_create: global_id (0x996cf2c9) stored
[2014/03/19 16:57:14.041153, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:402(ndr_print_debug)
&open_blob: struct smbXsrv_openB
version : SMBXSRV_VERSION_0 (0)
reserved : 0x00000000 (0)
info : union smbXsrv_openU(case 0)
info0 : *
info0: struct smbXsrv_open
table : *
db_rec : NULL
local_id : 0xf458a3cc (4099449804)
global : *
global: struct smbXsrv_open_global0
db_rec : NULL
server_id: struct server_id
pid : 0x0000000000006088 (24712)
task_id : 0x00000000 (0)
vnn : 0xffffffff (4294967295)
unique_id : 0xbaf687627b33e8dd (-4974639881340589859)
open_global_id : 0x996cf2c9 (2574054089)
open_persistent_id : 0x00000000996cf2c9 (2574054089)
open_volatile_id : 0x00000000f458a3cc (4099449804)
open_owner : S-1-5-21-2999458101-3634337955-1355572417-500
open_time : Wed Mar 19 04:57:14 PM 2014 CET
create_guid : 00000000-0000-0000-0000-000000000000
client_guid : fb516d75-adcf-11e3-a4ab-0800274a4c7e
app_instance_id : 00000000-0000-0000-0000-000000000000
disconnect_time : NTTIME(0)
durable_timeout_msec : 0x00000000 (0)
durable : 0x00 (0)
backend_cookie : DATA_BLOB length=0
status : NT_STATUS_OK
idle_time : Wed Mar 19 04:57:14 PM 2014 CET
compat : NULL
[2014/03/19 16:57:14.041588, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/files.c:125(file_new)
allocated file structure fnum 4099449804 (2 used)
[2014/03/19 16:57:14.041621, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/files.c:752(file_name_hash)
file_name_hash: /tmp/spoolss hash 0x7d4e46e5
[2014/03/19 16:57:14.041669, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_ncacn_np.c:89(make_internal_rpc_pipe_socketpair)
Create of internal pipe spoolss requested
[2014/03/19 16:57:14.041772, 8, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/dosmode.c:698(dos_mode)
dos_mode: spoolss
[2014/03/19 16:57:14.041810, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_create.c:1090(smbd_smb2_create_send)
smbd_smb2_create_send: spoolss - fnum 4099449804
[2014/03/19 16:57:14.041855, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:2548(smbd_smb2_request_done_ex)
smbd_smb2_request_done_ex: idx[1] status[NT_STATUS_OK] body[88] dyn[yes:0] at ../source3/smbd/smb2_create.c:364
[2014/03/19 16:57:14.041897, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:893(smb2_set_operation_credit)
smb2_set_operation_credit: requested 1, charge 1, granted 1, current possible/max 482/512, total granted/max/low/range 31/8192/11/31
[2014/03/19 16:57:14.042169, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:3312(smbd_smb2_io_handler)
smbd_smb2_request idx[1] of 5 vectors
[2014/03/19 16:57:14.042216, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:640(smb2_validate_sequence_number)
smb2_validate_sequence_number: clearing id 11 (position 11) from bitmap
[2014/03/19 16:57:14.042257, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1923(smbd_smb2_request_dispatch)
smbd_smb2_request_dispatch: opcode[SMB2_OP_CLOSE] mid = 11
[2014/03/19 16:57:14.042289, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/uid.c:384(change_to_user)
Skipping user change - already user
[2014/03/19 16:57:14.042344, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_close.c:185(smbd_smb2_close)
smbd_smb2_close: spoolss - fnum 4045892411
[2014/03/19 16:57:14.042397, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap.c:178(dbwrap_check_lock_order)
check lock order 1 for /var/lib/samba/smbXsrv_open_global.tdb
[2014/03/19 16:57:14.042437, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order)
lock order: 1:/var/lib/samba/smbXsrv_open_global.tdb 2:<none> 3:<none>
[2014/03/19 16:57:14.042468, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key)
Locking key 488E7836
[2014/03/19 16:57:14.042511, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap_tdb.c:143(db_tdb_fetch_locked_internal)
Allocated locked data 0x0x7f5de5875640
[2014/03/19 16:57:14.042567, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key)
Unlocking key 488E7836
[2014/03/19 16:57:14.042600, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap.c:146(dbwrap_lock_order_state_destructor)
release lock order 1 for /var/lib/samba/smbXsrv_open_global.tdb
[2014/03/19 16:57:14.042639, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order)
lock order: 1:<none> 2:<none> 3:<none>
[2014/03/19 16:57:14.042694, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:418(close_policy_by_pipe)
Deleted handle list for RPC connection spoolss
[2014/03/19 16:57:14.042744, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/files.c:524(file_free)
freed files structure 4045892411 (1 used)
[2014/03/19 16:57:14.042805, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:2548(smbd_smb2_request_done_ex)
smbd_smb2_request_done_ex: idx[1] status[NT_STATUS_OK] body[60] dyn[no:0] at ../source3/smbd/smb2_close.c:139
[2014/03/19 16:57:14.042839, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:893(smb2_set_operation_credit)
smb2_set_operation_credit: requested 1, charge 1, granted 1, current possible/max 482/512, total granted/max/low/range 31/8192/12/31
[2014/03/19 16:57:14.043281, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:3312(smbd_smb2_io_handler)
smbd_smb2_request idx[1] of 5 vectors
[2014/03/19 16:57:14.043507, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:640(smb2_validate_sequence_number)
smb2_validate_sequence_number: clearing id 12 (position 12) from bitmap
[2014/03/19 16:57:14.043571, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1923(smbd_smb2_request_dispatch)
smbd_smb2_request_dispatch: opcode[SMB2_OP_WRITE] mid = 12
[2014/03/19 16:57:14.043669, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/uid.c:384(change_to_user)
Skipping user change - already user
[2014/03/19 16:57:14.043817, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1825(smbd_smb2_request_verify_creditcharge)
mid 12, CreditCharge: 1, NeededCharge: 1
[2014/03/19 16:57:14.043912, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_write.c:271(smbd_smb2_write_send)
smbd_smb2_write: spoolss - fnum 4099449804
[2014/03/19 16:57:14.044094, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe_hnd.c:172(np_write_send)
np_write_send: len: 160
smbd_smb2_request_pending_queue: req->current_idx = 1
req->in.vector[0].iov_len = 0
req->in.vector[1].iov_len = 0
req->in.vector[2].iov_len = 64
req->in.vector[3].iov_len = 48
req->in.vector[4].iov_len = 160
req->out.vector[0].iov_len = 4
req->out.vector[1].iov_len = 0
req->out.vector[2].iov_len = 64
req->out.vector[3].iov_len = 8
req->out.vector[4].iov_len = 0
[2014/03/19 16:57:14.044533, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:2548(smbd_smb2_request_done_ex)
smbd_smb2_request_done_ex: idx[1] status[NT_STATUS_OK] body[16] dyn[yes:0] at ../source3/smbd/smb2_write.c:150
[2014/03/19 16:57:14.044638, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:893(smb2_set_operation_credit)
smb2_set_operation_credit: requested 1, charge 1, granted 1, current possible/max 482/512, total granted/max/low/range 31/8192/13/31
[2014/03/19 16:57:14.046158, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/rpc_server/rpc_server.c:441(named_pipe_packet_process)
PDU is in Little Endian format!
[2014/03/19 16:57:14.046196, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1564(process_complete_pdu)
Processing packet type 11
[2014/03/19 16:57:14.046229, 3, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:598(api_pipe_bind_req)
api_pipe_bind_req: spoolss -> spoolss rpc service
[2014/03/19 16:57:14.046259, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:631(api_pipe_bind_req)
api_pipe_bind_req: make response. 631
[2014/03/19 16:57:14.046343, 3, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:343(check_bind_req)
check_bind_req for spoolss
[2014/03/19 16:57:14.046432, 3, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:350(check_bind_req)
check_bind_req: spoolss -> spoolss rpc service
[2014/03/19 16:57:14.046522, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:223(init_pipe_handles)
init_pipe_handle_list: created handle list for pipe spoolss
[2014/03/19 16:57:14.046647, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:240(init_pipe_handles)
init_pipe_handle_list: pipe_handles ref count = 1 for pipe spoolss
[2014/03/19 16:57:14.046784, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:402(ndr_print_debug)
&r: struct ncacn_packet
rpc_vers : 0x05 (5)
rpc_vers_minor : 0x00 (0)
ptype : DCERPC_PKT_BIND_ACK (12)
pfc_flags : 0x03 (3)
1: DCERPC_PFC_FLAG_FIRST
1: DCERPC_PFC_FLAG_LAST
0: DCERPC_PFC_FLAG_PENDING_CANCEL_OR_HDR_SIGNING
0: DCERPC_PFC_FLAG_CONC_MPX
0: DCERPC_PFC_FLAG_DID_NOT_EXECUTE
0: DCERPC_PFC_FLAG_MAYBE
0: DCERPC_PFC_FLAG_OBJECT_UUID
drep: ARRAY(4)
[0] : 0x10 (16)
[1] : 0x00 (0)
[2] : 0x00 (0)
[3] : 0x00 (0)
frag_length : 0x0044 (68)
auth_length : 0x0000 (0)
call_id : 0x00000002 (2)
u : union dcerpc_payload(case 12)
bind_ack: struct dcerpc_bind_ack
max_xmit_frag : 0x10b8 (4280)
max_recv_frag : 0x10b8 (4280)
assoc_group_id : 0x000053f0 (21488)
secondary_address_size : 0x000e (14)
secondary_address : '\PIPE\spoolss'
_pad1 : DATA_BLOB length=0
num_results : 0x01 (1)
ctx_list: ARRAY(1)
ctx_list: struct dcerpc_ack_ctx
result : DCERPC_BIND_ACK_RESULT_ACCEPTANCE (0)
reason : union dcerpc_bind_ack_reason(case 0)
value : DCERPC_BIND_ACK_REASON_NOT_SPECIFIED (0)
syntax: struct ndr_syntax_id
uuid : 8a885d04-1ceb-11c9-9fe8-08002b104860
if_version : 0x00000002 (2)
auth_info : DATA_BLOB length=0
[2014/03/19 16:57:14.048131, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/rpc_server/rpc_server.c:509(named_pipe_packet_process)
Sending 1 fragments in a total of 0 bytes
[2014/03/19 16:57:14.048162, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/rpc_server/rpc_server.c:514(named_pipe_packet_process)
Sending PDU number: 0, PDU Length: 68
[2014/03/19 16:57:14.048370, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:3312(smbd_smb2_io_handler)
smbd_smb2_request idx[1] of 5 vectors
[2014/03/19 16:57:14.048469, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:640(smb2_validate_sequence_number)
smb2_validate_sequence_number: clearing id 13 (position 13) from bitmap
[2014/03/19 16:57:14.048558, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1923(smbd_smb2_request_dispatch)
smbd_smb2_request_dispatch: opcode[SMB2_OP_READ] mid = 13
[2014/03/19 16:57:14.048651, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/uid.c:384(change_to_user)
Skipping user change - already user
[2014/03/19 16:57:14.048745, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1825(smbd_smb2_request_verify_creditcharge)
mid 13, CreditCharge: 1, NeededCharge: 1
[2014/03/19 16:57:14.048835, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_read.c:399(smbd_smb2_read_send)
smbd_smb2_read: spoolss - fnum 4099449804
smbd_smb2_request_pending_queue: req->current_idx = 1
req->in.vector[0].iov_len = 0
req->in.vector[1].iov_len = 0
req->in.vector[2].iov_len = 64
req->in.vector[3].iov_len = 48
req->in.vector[4].iov_len = 1
req->out.vector[0].iov_len = 4
req->out.vector[1].iov_len = 0
req->out.vector[2].iov_len = 64
req->out.vector[3].iov_len = 8
req->out.vector[4].iov_len = 0
[2014/03/19 16:57:14.049293, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe_hnd.c:417(np_read_recv)
Received 68 bytes. There is no more data outstanding
[2014/03/19 16:57:14.049346, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:2548(smbd_smb2_request_done_ex)
smbd_smb2_request_done_ex: idx[1] status[NT_STATUS_OK] body[16] dyn[yes:68] at ../source3/smbd/smb2_read.c:154
[2014/03/19 16:57:14.049393, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:893(smb2_set_operation_credit)
smb2_set_operation_credit: requested 1, charge 1, granted 1, current possible/max 482/512, total granted/max/low/range 31/8192/14/31
[2014/03/19 16:57:14.049823, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:3312(smbd_smb2_io_handler)
smbd_smb2_request idx[1] of 5 vectors
[2014/03/19 16:57:14.049878, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:640(smb2_validate_sequence_number)
smb2_validate_sequence_number: clearing id 14 (position 14) from bitmap
[2014/03/19 16:57:14.049947, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1923(smbd_smb2_request_dispatch)
smbd_smb2_request_dispatch: opcode[SMB2_OP_IOCTL] mid = 14
[2014/03/19 16:57:14.050079, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/uid.c:384(change_to_user)
Skipping user change - already user
[2014/03/19 16:57:14.050120, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1825(smbd_smb2_request_verify_creditcharge)
mid 14, CreditCharge: 1, NeededCharge: 1
[2014/03/19 16:57:14.050169, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl.c:394(smbd_smb2_ioctl_send)
smbd_smb2_ioctl: ctl_code[0x0011c017] spoolss, fnum 4099449804
[2014/03/19 16:57:14.050216, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl_named_pipe.c:61(smb2_ioctl_named_pipe)
smbd_smb2_ioctl_send: np_write_send of size 194
[2014/03/19 16:57:14.050258, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe_hnd.c:172(np_write_send)
np_write_send: len: 194
smbd_smb2_request_pending_queue: req->current_idx = 1
req->in.vector[0].iov_len = 0
req->in.vector[1].iov_len = 0
req->in.vector[2].iov_len = 64
req->in.vector[3].iov_len = 56
req->in.vector[4].iov_len = 194
req->out.vector[0].iov_len = 4
req->out.vector[1].iov_len = 0
req->out.vector[2].iov_len = 64
req->out.vector[3].iov_len = 8
req->out.vector[4].iov_len = 0
[2014/03/19 16:57:14.050470, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl_named_pipe.c:119(smbd_smb2_ioctl_pipe_write_done)
smbd_smb2_ioctl_pipe_write_done: received 194
[2014/03/19 16:57:14.050519, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl_named_pipe.c:140(smbd_smb2_ioctl_pipe_write_done)
smbd_smb2_ioctl_pipe_write_done: issuing np_read_send of size 1024
[2014/03/19 16:57:14.050613, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/rpc_server/rpc_server.c:441(named_pipe_packet_process)
PDU is in Little Endian format!
[2014/03/19 16:57:14.050663, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1564(process_complete_pdu)
Processing packet type 0
[2014/03/19 16:57:14.050706, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1439(dcesrv_auth_request)
Checking request auth.
[2014/03/19 16:57:14.050754, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/sec_ctx.c:216(push_sec_ctx)
push_sec_ctx(100000500, 100000513) : sec_ctx_stack_ndx = 1
[2014/03/19 16:57:14.050801, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/sec_ctx.c:316(set_sec_ctx)
setting sec ctx (100000500, 100000513) - sec_ctx_stack_ndx = 1
[2014/03/19 16:57:14.050845, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../libcli/security/security_token.c:63(security_token_debug)
Security token SIDs (21):
SID[ 0]: S-1-5-21-2999458101-3634337955-1355572417-500
SID[ 1]: S-1-5-21-2999458101-3634337955-1355572417-513
SID[ 2]: S-1-5-21-2999458101-3634337955-1355572417-520
SID[ 3]: S-1-5-21-2999458101-3634337955-1355572417-512
SID[ 4]: S-1-18-1
SID[ 5]: S-1-1-0
SID[ 6]: S-1-5-2
SID[ 7]: S-1-5-11
SID[ 8]: S-1-5-32-545
SID[ 9]: S-1-5-32-544
SID[ 10]: S-1-22-1-100000500
SID[ 11]: S-1-22-2-100000500
SID[ 12]: S-1-22-2-100000513
SID[ 13]: S-1-22-2-100000520
SID[ 14]: S-1-22-2-100000512
SID[ 15]: S-1-22-2-1000008
SID[ 16]: S-1-22-2-1000002
SID[ 17]: S-1-22-2-1000003
SID[ 18]: S-1-22-2-1000009
SID[ 19]: S-1-22-2-1000001
SID[ 20]: S-1-22-2-1000000
Privileges (0x 1FFFFFF0):
Privilege[ 0]: SeMachineAccountPrivilege
Privilege[ 1]: SeTakeOwnershipPrivilege
Privilege[ 2]: SeBackupPrivilege
Privilege[ 3]: SeRestorePrivilege
Privilege[ 4]: SeRemoteShutdownPrivilege
Privilege[ 5]: SePrintOperatorPrivilege
Privilege[ 6]: SeAddUsersPrivilege
Privilege[ 7]: SeDiskOperatorPrivilege
Privilege[ 8]: SeSecurityPrivilege
Privilege[ 9]: SeSystemtimePrivilege
Privilege[ 10]: SeShutdownPrivilege
Privilege[ 11]: SeDebugPrivilege
Privilege[ 12]: SeSystemEnvironmentPrivilege
Privilege[ 13]: SeSystemProfilePrivilege
Privilege[ 14]: SeProfileSingleProcessPrivilege
Privilege[ 15]: SeIncreaseBasePriorityPrivilege
Privilege[ 16]: SeLoadDriverPrivilege
Privilege[ 17]: SeCreatePagefilePrivilege
Privilege[ 18]: SeIncreaseQuotaPrivilege
Privilege[ 19]: SeChangeNotifyPrivilege
Privilege[ 20]: SeUndockPrivilege
Privilege[ 21]: SeManageVolumePrivilege
Privilege[ 22]: SeImpersonatePrivilege
Privilege[ 23]: SeCreateGlobalPrivilege
Privilege[ 24]: SeEnableDelegationPrivilege
Rights (0x 0):
[2014/03/19 16:57:14.051313, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/auth/token_util.c:528(debug_unix_user_token)
UNIX token of user 100000500
Primary group is 100000513 and contains 10 supplementary groups
Group[ 0]: 100000500
Group[ 1]: 100000513
Group[ 2]: 100000520
Group[ 3]: 100000512
Group[ 4]: 1000008
Group[ 5]: 1000002
Group[ 6]: 1000003
Group[ 7]: 1000009
Group[ 8]: 1000001
Group[ 9]: 1000000
[2014/03/19 16:57:14.051542, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/uid.c:452(smbd_become_authenticated_pipe_user)
Impersonated user: uid=(100000500,100000500), gid=(0,100000513)
[2014/03/19 16:57:14.051590, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1292(api_pipe_request)
Requested spoolss rpc service
[2014/03/19 16:57:14.051652, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1317(api_rpcTNP)
api_rpcTNP: spoolss op 0x45 - api_rpcTNP: rpc command: SPOOLSS_OPENPRINTEREX
[2014/03/19 16:57:14.051702, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1357(api_rpcTNP)
api_rpc_cmds[69].fn == 0x7f5de3038ac3
[2014/03/19 16:57:14.051757, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug)
spoolss_OpenPrinterEx: struct spoolss_OpenPrinterEx
in: struct spoolss_OpenPrinterEx
printername : *
printername : '\\samba'
datatype : NULL
devmode_ctr: struct spoolss_DevmodeContainer
_ndr_size : 0x00000000 (0)
devmode : NULL
access_mask : 0x000f0003 (983043)
1: SERVER_ACCESS_ADMINISTER
1: SERVER_ACCESS_ENUMERATE
0: PRINTER_ACCESS_ADMINISTER
0: PRINTER_ACCESS_USE
0: JOB_ACCESS_ADMINISTER
0: JOB_ACCESS_READ
userlevel_ctr: struct spoolss_UserLevelCtr
level : 0x00000001 (1)
user_info : union spoolss_UserLevel(case 1)
level1 : *
level1: struct spoolss_UserLevel1
size : 0x00000028 (40)
client : *
client : 'WIN7CLI'
user : *
user : 'LEVEL1\Administrator'
build : 0x00001db1 (7601)
major : UNKNOWN_ENUM_VALUE (3)
minor : SPOOLSS_MINOR_VERSION_0 (0)
processor : PROCESSOR_ARCHITECTURE_AMD64 (9)
checking name: \\samba
[2014/03/19 16:57:14.052333, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/spoolss/srv_spoolss_nt.c:739(open_printer_hnd)
open_printer_hnd: name [\\samba]
[2014/03/19 16:57:14.052382, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:304(create_rpc_handle_internal)
Opened policy hnd[1] [0000] 00 00 00 00 12 00 00 00 00 00 00 00 29 53 5A BE ........ ....)SZ.
[0010] 88 60 00 00 .`..
[2014/03/19 16:57:14.052485, 3, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/spoolss/srv_spoolss_nt.c:507(set_printer_hnd_printertype)
Setting printer type=\\samba
Printer is a print server
[2014/03/19 16:57:14.052542, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/spoolss/srv_spoolss_nt.c:567(set_printer_hnd_name)
Setting printer name=\\samba (len=7)
[2014/03/19 16:57:14.052589, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/spoolss/srv_spoolss_nt.c:775(open_printer_hnd)
1 printer handles active
[2014/03/19 16:57:14.052632, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal)
Found policy hnd[0] [0000] 00 00 00 00 12 00 00 00 00 00 00 00 29 53 5A BE ........ ....)SZ.
[0010] 88 60 00 00 .`..
[2014/03/19 16:57:14.052713, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/spoolss/srv_spoolss_nt.c:1838(_spoolss_OpenPrinterEx)
Setting print server access = SERVER_ACCESS_ADMINISTER
[2014/03/19 16:57:14.052757, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug)
spoolss_OpenPrinterEx: struct spoolss_OpenPrinterEx
out: struct spoolss_OpenPrinterEx
handle : *
handle: struct policy_handle
handle_type : 0x00000000 (0)
uuid : 00000012-0000-0000-2953-5abe88600000
result : WERR_OK
[2014/03/19 16:57:14.052896, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1384(api_rpcTNP)
api_rpcTNP: called spoolss successfully
[2014/03/19 16:57:14.052952, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/sec_ctx.c:424(pop_sec_ctx)
pop_sec_ctx (100000500, 100000513) - sec_ctx_stack_ndx = 0
[2014/03/19 16:57:14.053060, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:402(ndr_print_debug)
&r: struct ncacn_packet
rpc_vers : 0x05 (5)
rpc_vers_minor : 0x00 (0)
ptype : DCERPC_PKT_RESPONSE (2)
pfc_flags : 0x03 (3)
1: DCERPC_PFC_FLAG_FIRST
1: DCERPC_PFC_FLAG_LAST
0: DCERPC_PFC_FLAG_PENDING_CANCEL_OR_HDR_SIGNING
0: DCERPC_PFC_FLAG_CONC_MPX
0: DCERPC_PFC_FLAG_DID_NOT_EXECUTE
0: DCERPC_PFC_FLAG_MAYBE
0: DCERPC_PFC_FLAG_OBJECT_UUID
drep: ARRAY(4)
[0] : 0x10 (16)
[1] : 0x00 (0)
[2] : 0x00 (0)
[3] : 0x00 (0)
frag_length : 0x0030 (48)
auth_length : 0x0000 (0)
call_id : 0x00000002 (2)
u : union dcerpc_payload(case 2)
response: struct dcerpc_response
alloc_hint : 0x00000018 (24)
context_id : 0x0000 (0)
cancel_count : 0x00 (0)
_pad : DATA_BLOB length=0
stub_and_verifier : DATA_BLOB length=24
[0000] 00 00 00 00 12 00 00 00 00 00 00 00 29 53 5A BE ........ ....)SZ.
[0010] 88 60 00 00 00 00 00 00 .`......
[2014/03/19 16:57:14.053623, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/rpc_server/rpc_server.c:509(named_pipe_packet_process)
Sending 1 fragments in a total of 24 bytes
[2014/03/19 16:57:14.053670, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/rpc_server/rpc_server.c:514(named_pipe_packet_process)
Sending PDU number: 0, PDU Length: 48
[2014/03/19 16:57:14.053744, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1459(smbd_smb2_request_pending_timer)
smbd_smb2_request_pending_queue: opcode[SMB2_OP_IOCTL] mid 14 going async
[2014/03/19 16:57:14.053793, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:893(smb2_set_operation_credit)
smb2_set_operation_credit: requested 1, charge 1, granted 1, current possible/max 482/512, total granted/max/low/range 31/8192/15/31
[2014/03/19 16:57:14.053838, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1554(smbd_smb2_request_pending_timer)
state->vector[0/5].iov_len = 4
state->vector[1/5].iov_len = 0
state->vector[2/5].iov_len = 64
state->vector[3/5].iov_len = 8
state->vector[4/5].iov_len = 1
[2014/03/19 16:57:14.054069, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe_hnd.c:417(np_read_recv)
Received 48 bytes. There is no more data outstanding
[2014/03/19 16:57:14.054135, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl_named_pipe.c:169(smbd_smb2_ioctl_pipe_read_done)
smbd_smb2_ioctl_pipe_read_done: np_read_recv nread = 48 is_data_outstanding = 0, status = NT_STATUS_OK
[2014/03/19 16:57:14.054182, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl.c:291(smbd_smb2_request_ioctl_done)
smbd_smb2_request_ioctl_done: smbd_smb2_ioctl_recv returned 48 status NT_STATUS_OK
[2014/03/19 16:57:14.054226, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:2548(smbd_smb2_request_done_ex)
smbd_smb2_request_done_ex: idx[1] status[NT_STATUS_OK] body[48] dyn[yes:48] at ../source3/smbd/smb2_ioctl.c:358
[2014/03/19 16:57:14.054271, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:893(smb2_set_operation_credit)
smb2_set_operation_credit: requested 1, charge 1, granted 0, current possible/max 481/512, total granted/max/low/range 31/8192/15/31
[2014/03/19 16:57:14.056193, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:3312(smbd_smb2_io_handler)
smbd_smb2_request idx[1] of 5 vectors
[2014/03/19 16:57:14.056260, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:640(smb2_validate_sequence_number)
smb2_validate_sequence_number: clearing id 15 (position 15) from bitmap
[2014/03/19 16:57:14.056306, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1923(smbd_smb2_request_dispatch)
smbd_smb2_request_dispatch: opcode[SMB2_OP_IOCTL] mid = 15
[2014/03/19 16:57:14.056352, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/uid.c:384(change_to_user)
Skipping user change - already user
[2014/03/19 16:57:14.056421, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1825(smbd_smb2_request_verify_creditcharge)
mid 15, CreditCharge: 1, NeededCharge: 1
[2014/03/19 16:57:14.056465, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl.c:394(smbd_smb2_ioctl_send)
smbd_smb2_ioctl: ctl_code[0x0011c017] spoolss, fnum 4099449804
[2014/03/19 16:57:14.056529, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl_named_pipe.c:61(smb2_ioctl_named_pipe)
smbd_smb2_ioctl_send: np_write_send of size 44
[2014/03/19 16:57:14.056593, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe_hnd.c:172(np_write_send)
np_write_send: len: 44
smbd_smb2_request_pending_queue: req->current_idx = 1
req->in.vector[0].iov_len = 0
req->in.vector[1].iov_len = 0
req->in.vector[2].iov_len = 64
req->in.vector[3].iov_len = 56
req->in.vector[4].iov_len = 44
req->out.vector[0].iov_len = 4
req->out.vector[1].iov_len = 0
req->out.vector[2].iov_len = 64
req->out.vector[3].iov_len = 8
req->out.vector[4].iov_len = 0
[2014/03/19 16:57:14.056805, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl_named_pipe.c:119(smbd_smb2_ioctl_pipe_write_done)
smbd_smb2_ioctl_pipe_write_done: received 44
[2014/03/19 16:57:14.056852, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl_named_pipe.c:140(smbd_smb2_ioctl_pipe_write_done)
smbd_smb2_ioctl_pipe_write_done: issuing np_read_send of size 1024
[2014/03/19 16:57:14.056944, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/rpc_server/rpc_server.c:441(named_pipe_packet_process)
PDU is in Little Endian format!
[2014/03/19 16:57:14.056991, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1564(process_complete_pdu)
Processing packet type 0
[2014/03/19 16:57:14.057060, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1439(dcesrv_auth_request)
Checking request auth.
[2014/03/19 16:57:14.057118, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/sec_ctx.c:216(push_sec_ctx)
push_sec_ctx(100000500, 100000513) : sec_ctx_stack_ndx = 1
[2014/03/19 16:57:14.057165, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/sec_ctx.c:316(set_sec_ctx)
setting sec ctx (100000500, 100000513) - sec_ctx_stack_ndx = 1
[2014/03/19 16:57:14.057208, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../libcli/security/security_token.c:63(security_token_debug)
Security token SIDs (21):
SID[ 0]: S-1-5-21-2999458101-3634337955-1355572417-500
SID[ 1]: S-1-5-21-2999458101-3634337955-1355572417-513
SID[ 2]: S-1-5-21-2999458101-3634337955-1355572417-520
SID[ 3]: S-1-5-21-2999458101-3634337955-1355572417-512
SID[ 4]: S-1-18-1
SID[ 5]: S-1-1-0
SID[ 6]: S-1-5-2
SID[ 7]: S-1-5-11
SID[ 8]: S-1-5-32-545
SID[ 9]: S-1-5-32-544
SID[ 10]: S-1-22-1-100000500
SID[ 11]: S-1-22-2-100000500
SID[ 12]: S-1-22-2-100000513
SID[ 13]: S-1-22-2-100000520
SID[ 14]: S-1-22-2-100000512
SID[ 15]: S-1-22-2-1000008
SID[ 16]: S-1-22-2-1000002
SID[ 17]: S-1-22-2-1000003
SID[ 18]: S-1-22-2-1000009
SID[ 19]: S-1-22-2-1000001
SID[ 20]: S-1-22-2-1000000
Privileges (0x 1FFFFFF0):
Privilege[ 0]: SeMachineAccountPrivilege
Privilege[ 1]: SeTakeOwnershipPrivilege
Privilege[ 2]: SeBackupPrivilege
Privilege[ 3]: SeRestorePrivilege
Privilege[ 4]: SeRemoteShutdownPrivilege
Privilege[ 5]: SePrintOperatorPrivilege
Privilege[ 6]: SeAddUsersPrivilege
Privilege[ 7]: SeDiskOperatorPrivilege
Privilege[ 8]: SeSecurityPrivilege
Privilege[ 9]: SeSystemtimePrivilege
Privilege[ 10]: SeShutdownPrivilege
Privilege[ 11]: SeDebugPrivilege
Privilege[ 12]: SeSystemEnvironmentPrivilege
Privilege[ 13]: SeSystemProfilePrivilege
Privilege[ 14]: SeProfileSingleProcessPrivilege
Privilege[ 15]: SeIncreaseBasePriorityPrivilege
Privilege[ 16]: SeLoadDriverPrivilege
Privilege[ 17]: SeCreatePagefilePrivilege
Privilege[ 18]: SeIncreaseQuotaPrivilege
Privilege[ 19]: SeChangeNotifyPrivilege
Privilege[ 20]: SeUndockPrivilege
Privilege[ 21]: SeManageVolumePrivilege
Privilege[ 22]: SeImpersonatePrivilege
Privilege[ 23]: SeCreateGlobalPrivilege
Privilege[ 24]: SeEnableDelegationPrivilege
Rights (0x 0):
[2014/03/19 16:57:14.057908, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/auth/token_util.c:528(debug_unix_user_token)
UNIX token of user 100000500
Primary group is 100000513 and contains 10 supplementary groups
Group[ 0]: 100000500
Group[ 1]: 100000513
Group[ 2]: 100000520
Group[ 3]: 100000512
Group[ 4]: 1000008
Group[ 5]: 1000002
Group[ 6]: 1000003
Group[ 7]: 1000009
Group[ 8]: 1000001
Group[ 9]: 1000000
[2014/03/19 16:57:14.058056, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/uid.c:452(smbd_become_authenticated_pipe_user)
Impersonated user: uid=(100000500,100000500), gid=(0,100000513)
[2014/03/19 16:57:14.058111, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1292(api_pipe_request)
Requested spoolss rpc service
[2014/03/19 16:57:14.058196, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1317(api_rpcTNP)
api_rpcTNP: spoolss op 0x1d - api_rpcTNP: rpc command: SPOOLSS_CLOSEPRINTER
[2014/03/19 16:57:14.058232, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1357(api_rpcTNP)
api_rpc_cmds[29].fn == 0x7f5de30319b4
[2014/03/19 16:57:14.058266, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug)
spoolss_ClosePrinter: struct spoolss_ClosePrinter
in: struct spoolss_ClosePrinter
handle : *
handle: struct policy_handle
handle_type : 0x00000000 (0)
uuid : 00000012-0000-0000-2953-5abe88600000
[2014/03/19 16:57:14.058358, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal)
Found policy hnd[0] [0000] 00 00 00 00 12 00 00 00 00 00 00 00 29 53 5A BE ........ ....)SZ.
[0010] 88 60 00 00 .`..
[2014/03/19 16:57:14.058414, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal)
Found policy hnd[0] [0000] 00 00 00 00 12 00 00 00 00 00 00 00 29 53 5A BE ........ ....)SZ.
[0010] 88 60 00 00 .`..
[2014/03/19 16:57:14.058467, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal)
Found policy hnd[0] [0000] 00 00 00 00 12 00 00 00 00 00 00 00 29 53 5A BE ........ ....)SZ.
[0010] 88 60 00 00 .`..
[2014/03/19 16:57:14.058520, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:388(close_policy_hnd)
Closed policy
[2014/03/19 16:57:14.058551, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug)
spoolss_ClosePrinter: struct spoolss_ClosePrinter
out: struct spoolss_ClosePrinter
handle : *
handle: struct policy_handle
handle_type : 0x00000000 (0)
uuid : 00000000-0000-0000-0000-000000000000
result : WERR_OK
[2014/03/19 16:57:14.058652, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1384(api_rpcTNP)
api_rpcTNP: called spoolss successfully
[2014/03/19 16:57:14.058699, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/sec_ctx.c:424(pop_sec_ctx)
pop_sec_ctx (100000500, 100000513) - sec_ctx_stack_ndx = 0
[2014/03/19 16:57:14.058739, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:402(ndr_print_debug)
&r: struct ncacn_packet
rpc_vers : 0x05 (5)
rpc_vers_minor : 0x00 (0)
ptype : DCERPC_PKT_RESPONSE (2)
pfc_flags : 0x03 (3)
1: DCERPC_PFC_FLAG_FIRST
1: DCERPC_PFC_FLAG_LAST
0: DCERPC_PFC_FLAG_PENDING_CANCEL_OR_HDR_SIGNING
0: DCERPC_PFC_FLAG_CONC_MPX
0: DCERPC_PFC_FLAG_DID_NOT_EXECUTE
0: DCERPC_PFC_FLAG_MAYBE
0: DCERPC_PFC_FLAG_OBJECT_UUID
drep: ARRAY(4)
[0] : 0x10 (16)
[1] : 0x00 (0)
[2] : 0x00 (0)
[3] : 0x00 (0)
frag_length : 0x0030 (48)
auth_length : 0x0000 (0)
call_id : 0x00000003 (3)
u : union dcerpc_payload(case 2)
response: struct dcerpc_response
alloc_hint : 0x00000018 (24)
context_id : 0x0000 (0)
cancel_count : 0x00 (0)
_pad : DATA_BLOB length=0
stub_and_verifier : DATA_BLOB length=24
[0000] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0010] 00 00 00 00 00 00 00 00 ........
[2014/03/19 16:57:14.059933, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/rpc_server/rpc_server.c:509(named_pipe_packet_process)
Sending 1 fragments in a total of 24 bytes
[2014/03/19 16:57:14.059967, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/rpc_server/rpc_server.c:514(named_pipe_packet_process)
Sending PDU number: 0, PDU Length: 48
[2014/03/19 16:57:14.060096, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1459(smbd_smb2_request_pending_timer)
smbd_smb2_request_pending_queue: opcode[SMB2_OP_IOCTL] mid 15 going async
[2014/03/19 16:57:14.060136, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:893(smb2_set_operation_credit)
smb2_set_operation_credit: requested 1, charge 1, granted 1, current possible/max 482/512, total granted/max/low/range 31/8192/16/31
[2014/03/19 16:57:14.060170, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1554(smbd_smb2_request_pending_timer)
state->vector[0/5].iov_len = 4
state->vector[1/5].iov_len = 0
state->vector[2/5].iov_len = 64
state->vector[3/5].iov_len = 8
state->vector[4/5].iov_len = 1
[2014/03/19 16:57:14.060317, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe_hnd.c:417(np_read_recv)
Received 48 bytes. There is no more data outstanding
[2014/03/19 16:57:14.060355, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl_named_pipe.c:169(smbd_smb2_ioctl_pipe_read_done)
smbd_smb2_ioctl_pipe_read_done: np_read_recv nread = 48 is_data_outstanding = 0, status = NT_STATUS_OK
[2014/03/19 16:57:14.060403, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl.c:291(smbd_smb2_request_ioctl_done)
smbd_smb2_request_ioctl_done: smbd_smb2_ioctl_recv returned 48 status NT_STATUS_OK
[2014/03/19 16:57:14.060436, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:2548(smbd_smb2_request_done_ex)
smbd_smb2_request_done_ex: idx[1] status[NT_STATUS_OK] body[48] dyn[yes:48] at ../source3/smbd/smb2_ioctl.c:358
[2014/03/19 16:57:14.060476, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:893(smb2_set_operation_credit)
smb2_set_operation_credit: requested 1, charge 1, granted 0, current possible/max 481/512, total granted/max/low/range 31/8192/16/31
[2014/03/19 16:57:14.060572, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:3312(smbd_smb2_io_handler)
smbd_smb2_request idx[1] of 5 vectors
[2014/03/19 16:57:14.060610, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:640(smb2_validate_sequence_number)
smb2_validate_sequence_number: clearing id 16 (position 16) from bitmap
[2014/03/19 16:57:14.060643, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1923(smbd_smb2_request_dispatch)
smbd_smb2_request_dispatch: opcode[SMB2_OP_CREATE] mid = 16
[2014/03/19 16:57:14.060678, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/uid.c:384(change_to_user)
Skipping user change - already user
[2014/03/19 16:57:14.060725, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_create.c:447(smbd_smb2_create_send)
smbd_smb2_create: name[spoolss]
[2014/03/19 16:57:14.060785, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap.c:178(dbwrap_check_lock_order)
check lock order 1 for /var/lib/samba/smbXsrv_open_global.tdb
[2014/03/19 16:57:14.060818, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order)
lock order: 1:/var/lib/samba/smbXsrv_open_global.tdb 2:<none> 3:<none>
[2014/03/19 16:57:14.060852, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key)
Locking key F06DA943
[2014/03/19 16:57:14.060899, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap_tdb.c:143(db_tdb_fetch_locked_internal)
Allocated locked data 0x0x7f5de586bd70
[2014/03/19 16:57:14.060950, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smbXsrv_open.c:698(smbXsrv_open_global_store)
smbXsrv_open_global_store: key 'F06DA943' stored
[2014/03/19 16:57:14.060988, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:402(ndr_print_debug)
&global_blob: struct smbXsrv_open_globalB
version : SMBXSRV_VERSION_0 (0)
seqnum : 0x00000001 (1)
info : union smbXsrv_open_globalU(case 0)
info0 : *
info0: struct smbXsrv_open_global0
db_rec : *
server_id: struct server_id
pid : 0x0000000000006088 (24712)
task_id : 0x00000000 (0)
vnn : 0xffffffff (4294967295)
unique_id : 0xbaf687627b33e8dd (-4974639881340589859)
open_global_id : 0xf06da943 (4033718595)
open_persistent_id : 0x00000000f06da943 (4033718595)
open_volatile_id : 0x00000000888341f1 (2290303473)
open_owner : S-1-5-21-2999458101-3634337955-1355572417-500
open_time : Wed Mar 19 04:57:14 PM 2014 CET
create_guid : 00000000-0000-0000-0000-000000000000
client_guid : fb516d75-adcf-11e3-a4ab-0800274a4c7e
app_instance_id : 00000000-0000-0000-0000-000000000000
disconnect_time : NTTIME(0)
durable_timeout_msec : 0x00000000 (0)
durable : 0x00 (0)
backend_cookie : DATA_BLOB length=0
[2014/03/19 16:57:14.061309, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key)
Unlocking key F06DA943
[2014/03/19 16:57:14.061356, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap.c:146(dbwrap_lock_order_state_destructor)
release lock order 1 for /var/lib/samba/smbXsrv_open_global.tdb
[2014/03/19 16:57:14.061389, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order)
lock order: 1:<none> 2:<none> 3:<none>
[2014/03/19 16:57:14.061421, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smbXsrv_open.c:871(smbXsrv_open_create)
smbXsrv_open_create: global_id (0xf06da943) stored
[2014/03/19 16:57:14.061452, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:402(ndr_print_debug)
&open_blob: struct smbXsrv_openB
version : SMBXSRV_VERSION_0 (0)
reserved : 0x00000000 (0)
info : union smbXsrv_openU(case 0)
info0 : *
info0: struct smbXsrv_open
table : *
db_rec : NULL
local_id : 0x888341f1 (2290303473)
global : *
global: struct smbXsrv_open_global0
db_rec : NULL
server_id: struct server_id
pid : 0x0000000000006088 (24712)
task_id : 0x00000000 (0)
vnn : 0xffffffff (4294967295)
unique_id : 0xbaf687627b33e8dd (-4974639881340589859)
open_global_id : 0xf06da943 (4033718595)
open_persistent_id : 0x00000000f06da943 (4033718595)
open_volatile_id : 0x00000000888341f1 (2290303473)
open_owner : S-1-5-21-2999458101-3634337955-1355572417-500
open_time : Wed Mar 19 04:57:14 PM 2014 CET
create_guid : 00000000-0000-0000-0000-000000000000
client_guid : fb516d75-adcf-11e3-a4ab-0800274a4c7e
app_instance_id : 00000000-0000-0000-0000-000000000000
disconnect_time : NTTIME(0)
durable_timeout_msec : 0x00000000 (0)
durable : 0x00 (0)
backend_cookie : DATA_BLOB length=0
status : NT_STATUS_OK
idle_time : Wed Mar 19 04:57:14 PM 2014 CET
compat : NULL
[2014/03/19 16:57:14.061924, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/files.c:125(file_new)
allocated file structure fnum 2290303473 (2 used)
[2014/03/19 16:57:14.061961, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/files.c:752(file_name_hash)
file_name_hash: /tmp/spoolss hash 0x7d4e46e5
[2014/03/19 16:57:14.062051, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_ncacn_np.c:89(make_internal_rpc_pipe_socketpair)
Create of internal pipe spoolss requested
[2014/03/19 16:57:14.062147, 8, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/dosmode.c:698(dos_mode)
dos_mode: spoolss
[2014/03/19 16:57:14.062188, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_create.c:1090(smbd_smb2_create_send)
smbd_smb2_create_send: spoolss - fnum 2290303473
[2014/03/19 16:57:14.062247, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:2548(smbd_smb2_request_done_ex)
smbd_smb2_request_done_ex: idx[1] status[NT_STATUS_OK] body[88] dyn[yes:0] at ../source3/smbd/smb2_create.c:364
[2014/03/19 16:57:14.062283, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:893(smb2_set_operation_credit)
smb2_set_operation_credit: requested 1, charge 1, granted 1, current possible/max 482/512, total granted/max/low/range 31/8192/17/31
[2014/03/19 16:57:14.062894, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:3312(smbd_smb2_io_handler)
smbd_smb2_request idx[1] of 5 vectors
[2014/03/19 16:57:14.062946, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:640(smb2_validate_sequence_number)
smb2_validate_sequence_number: clearing id 17 (position 17) from bitmap
[2014/03/19 16:57:14.062979, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1923(smbd_smb2_request_dispatch)
smbd_smb2_request_dispatch: opcode[SMB2_OP_CLOSE] mid = 17
[2014/03/19 16:57:14.063049, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/uid.c:384(change_to_user)
Skipping user change - already user
[2014/03/19 16:57:14.063106, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_close.c:185(smbd_smb2_close)
smbd_smb2_close: spoolss - fnum 4099449804
[2014/03/19 16:57:14.063143, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap.c:178(dbwrap_check_lock_order)
check lock order 1 for /var/lib/samba/smbXsrv_open_global.tdb
[2014/03/19 16:57:14.063176, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order)
lock order: 1:/var/lib/samba/smbXsrv_open_global.tdb 2:<none> 3:<none>
[2014/03/19 16:57:14.063210, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key)
Locking key 996CF2C9
[2014/03/19 16:57:14.063259, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap_tdb.c:143(db_tdb_fetch_locked_internal)
Allocated locked data 0x0x7f5de5872220
[2014/03/19 16:57:14.063298, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key)
Unlocking key 996CF2C9
[2014/03/19 16:57:14.063332, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap.c:146(dbwrap_lock_order_state_destructor)
release lock order 1 for /var/lib/samba/smbXsrv_open_global.tdb
[2014/03/19 16:57:14.063363, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order)
lock order: 1:<none> 2:<none> 3:<none>
[2014/03/19 16:57:14.063406, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:418(close_policy_by_pipe)
Deleted handle list for RPC connection spoolss
[2014/03/19 16:57:14.063462, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/files.c:524(file_free)
freed files structure 4099449804 (1 used)
[2014/03/19 16:57:14.063505, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:2548(smbd_smb2_request_done_ex)
smbd_smb2_request_done_ex: idx[1] status[NT_STATUS_OK] body[60] dyn[no:0] at ../source3/smbd/smb2_close.c:139
[2014/03/19 16:57:14.063543, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:893(smb2_set_operation_credit)
smb2_set_operation_credit: requested 1, charge 1, granted 1, current possible/max 482/512, total granted/max/low/range 31/8192/18/31
[2014/03/19 16:57:14.064155, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:3312(smbd_smb2_io_handler)
smbd_smb2_request idx[1] of 5 vectors
[2014/03/19 16:57:14.064202, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:640(smb2_validate_sequence_number)
smb2_validate_sequence_number: clearing id 18 (position 18) from bitmap
[2014/03/19 16:57:14.064236, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1923(smbd_smb2_request_dispatch)
smbd_smb2_request_dispatch: opcode[SMB2_OP_WRITE] mid = 18
[2014/03/19 16:57:14.064270, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/uid.c:384(change_to_user)
Skipping user change - already user
[2014/03/19 16:57:14.064320, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1825(smbd_smb2_request_verify_creditcharge)
mid 18, CreditCharge: 1, NeededCharge: 1
[2014/03/19 16:57:14.064354, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_write.c:271(smbd_smb2_write_send)
smbd_smb2_write: spoolss - fnum 2290303473
[2014/03/19 16:57:14.064388, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe_hnd.c:172(np_write_send)
np_write_send: len: 160
smbd_smb2_request_pending_queue: req->current_idx = 1
req->in.vector[0].iov_len = 0
req->in.vector[1].iov_len = 0
req->in.vector[2].iov_len = 64
req->in.vector[3].iov_len = 48
req->in.vector[4].iov_len = 160
req->out.vector[0].iov_len = 4
req->out.vector[1].iov_len = 0
req->out.vector[2].iov_len = 64
req->out.vector[3].iov_len = 8
req->out.vector[4].iov_len = 0
[2014/03/19 16:57:14.064988, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:2548(smbd_smb2_request_done_ex)
smbd_smb2_request_done_ex: idx[1] status[NT_STATUS_OK] body[16] dyn[yes:0] at ../source3/smbd/smb2_write.c:150
[2014/03/19 16:57:14.065054, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:893(smb2_set_operation_credit)
smb2_set_operation_credit: requested 1, charge 1, granted 1, current possible/max 482/512, total granted/max/low/range 31/8192/19/31
[2014/03/19 16:57:14.065175, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/rpc_server/rpc_server.c:441(named_pipe_packet_process)
PDU is in Little Endian format!
[2014/03/19 16:57:14.065220, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1564(process_complete_pdu)
Processing packet type 11
[2014/03/19 16:57:14.065259, 3, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:598(api_pipe_bind_req)
api_pipe_bind_req: spoolss -> spoolss rpc service
[2014/03/19 16:57:14.065296, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:631(api_pipe_bind_req)
api_pipe_bind_req: make response. 631
[2014/03/19 16:57:14.065331, 3, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:343(check_bind_req)
check_bind_req for spoolss
[2014/03/19 16:57:14.065367, 3, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:350(check_bind_req)
check_bind_req: spoolss -> spoolss rpc service
[2014/03/19 16:57:14.065404, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:223(init_pipe_handles)
init_pipe_handle_list: created handle list for pipe spoolss
[2014/03/19 16:57:14.065454, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:240(init_pipe_handles)
init_pipe_handle_list: pipe_handles ref count = 1 for pipe spoolss
[2014/03/19 16:57:14.065501, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:402(ndr_print_debug)
&r: struct ncacn_packet
rpc_vers : 0x05 (5)
rpc_vers_minor : 0x00 (0)
ptype : DCERPC_PKT_BIND_ACK (12)
pfc_flags : 0x03 (3)
1: DCERPC_PFC_FLAG_FIRST
1: DCERPC_PFC_FLAG_LAST
0: DCERPC_PFC_FLAG_PENDING_CANCEL_OR_HDR_SIGNING
0: DCERPC_PFC_FLAG_CONC_MPX
0: DCERPC_PFC_FLAG_DID_NOT_EXECUTE
0: DCERPC_PFC_FLAG_MAYBE
0: DCERPC_PFC_FLAG_OBJECT_UUID
drep: ARRAY(4)
[0] : 0x10 (16)
[1] : 0x00 (0)
[2] : 0x00 (0)
[3] : 0x00 (0)
frag_length : 0x0044 (68)
auth_length : 0x0000 (0)
call_id : 0x00000002 (2)
u : union dcerpc_payload(case 12)
bind_ack: struct dcerpc_bind_ack
max_xmit_frag : 0x10b8 (4280)
max_recv_frag : 0x10b8 (4280)
assoc_group_id : 0x000053f0 (21488)
secondary_address_size : 0x000e (14)
secondary_address : '\PIPE\spoolss'
_pad1 : DATA_BLOB length=0
num_results : 0x01 (1)
ctx_list: ARRAY(1)
ctx_list: struct dcerpc_ack_ctx
result : DCERPC_BIND_ACK_RESULT_ACCEPTANCE (0)
reason : union dcerpc_bind_ack_reason(case 0)
value : DCERPC_BIND_ACK_REASON_NOT_SPECIFIED (0)
syntax: struct ndr_syntax_id
uuid : 8a885d04-1ceb-11c9-9fe8-08002b104860
if_version : 0x00000002 (2)
auth_info : DATA_BLOB length=0
[2014/03/19 16:57:14.066108, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/rpc_server/rpc_server.c:509(named_pipe_packet_process)
Sending 1 fragments in a total of 0 bytes
[2014/03/19 16:57:14.066171, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/rpc_server/rpc_server.c:514(named_pipe_packet_process)
Sending PDU number: 0, PDU Length: 68
[2014/03/19 16:57:14.066271, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:3312(smbd_smb2_io_handler)
smbd_smb2_request idx[1] of 5 vectors
[2014/03/19 16:57:14.066311, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:640(smb2_validate_sequence_number)
smb2_validate_sequence_number: clearing id 19 (position 19) from bitmap
[2014/03/19 16:57:14.066347, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1923(smbd_smb2_request_dispatch)
smbd_smb2_request_dispatch: opcode[SMB2_OP_READ] mid = 19
[2014/03/19 16:57:14.066398, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/uid.c:384(change_to_user)
Skipping user change - already user
[2014/03/19 16:57:14.066437, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1825(smbd_smb2_request_verify_creditcharge)
mid 19, CreditCharge: 1, NeededCharge: 1
[2014/03/19 16:57:14.066473, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_read.c:399(smbd_smb2_read_send)
smbd_smb2_read: spoolss - fnum 2290303473
smbd_smb2_request_pending_queue: req->current_idx = 1
req->in.vector[0].iov_len = 0
req->in.vector[1].iov_len = 0
req->in.vector[2].iov_len = 64
req->in.vector[3].iov_len = 48
req->in.vector[4].iov_len = 1
req->out.vector[0].iov_len = 4
req->out.vector[1].iov_len = 0
req->out.vector[2].iov_len = 64
req->out.vector[3].iov_len = 8
req->out.vector[4].iov_len = 0
[2014/03/19 16:57:14.066709, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe_hnd.c:417(np_read_recv)
Received 68 bytes. There is no more data outstanding
[2014/03/19 16:57:14.066751, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:2548(smbd_smb2_request_done_ex)
smbd_smb2_request_done_ex: idx[1] status[NT_STATUS_OK] body[16] dyn[yes:68] at ../source3/smbd/smb2_read.c:154
[2014/03/19 16:57:14.066804, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:893(smb2_set_operation_credit)
smb2_set_operation_credit: requested 1, charge 1, granted 1, current possible/max 482/512, total granted/max/low/range 31/8192/20/31
[2014/03/19 16:57:14.067471, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:3312(smbd_smb2_io_handler)
smbd_smb2_request idx[1] of 5 vectors
[2014/03/19 16:57:14.067517, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:640(smb2_validate_sequence_number)
smb2_validate_sequence_number: clearing id 20 (position 20) from bitmap
[2014/03/19 16:57:14.067555, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1923(smbd_smb2_request_dispatch)
smbd_smb2_request_dispatch: opcode[SMB2_OP_IOCTL] mid = 20
[2014/03/19 16:57:14.067593, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/uid.c:384(change_to_user)
Skipping user change - already user
[2014/03/19 16:57:14.067646, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1825(smbd_smb2_request_verify_creditcharge)
mid 20, CreditCharge: 1, NeededCharge: 1
[2014/03/19 16:57:14.067684, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl.c:394(smbd_smb2_ioctl_send)
smbd_smb2_ioctl: ctl_code[0x0011c017] spoolss, fnum 2290303473
[2014/03/19 16:57:14.067721, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl_named_pipe.c:61(smb2_ioctl_named_pipe)
smbd_smb2_ioctl_send: np_write_send of size 194
[2014/03/19 16:57:14.067755, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe_hnd.c:172(np_write_send)
np_write_send: len: 194
smbd_smb2_request_pending_queue: req->current_idx = 1
req->in.vector[0].iov_len = 0
req->in.vector[1].iov_len = 0
req->in.vector[2].iov_len = 64
req->in.vector[3].iov_len = 56
req->in.vector[4].iov_len = 194
req->out.vector[0].iov_len = 4
req->out.vector[1].iov_len = 0
req->out.vector[2].iov_len = 64
req->out.vector[3].iov_len = 8
req->out.vector[4].iov_len = 0
[2014/03/19 16:57:14.067944, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl_named_pipe.c:119(smbd_smb2_ioctl_pipe_write_done)
smbd_smb2_ioctl_pipe_write_done: received 194
[2014/03/19 16:57:14.067984, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl_named_pipe.c:140(smbd_smb2_ioctl_pipe_write_done)
smbd_smb2_ioctl_pipe_write_done: issuing np_read_send of size 1024
[2014/03/19 16:57:14.068126, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/rpc_server/rpc_server.c:441(named_pipe_packet_process)
PDU is in Little Endian format!
[2014/03/19 16:57:14.068168, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1564(process_complete_pdu)
Processing packet type 0
[2014/03/19 16:57:14.068219, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1439(dcesrv_auth_request)
Checking request auth.
[2014/03/19 16:57:14.068258, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/sec_ctx.c:216(push_sec_ctx)
push_sec_ctx(100000500, 100000513) : sec_ctx_stack_ndx = 1
[2014/03/19 16:57:14.068304, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/sec_ctx.c:316(set_sec_ctx)
setting sec ctx (100000500, 100000513) - sec_ctx_stack_ndx = 1
[2014/03/19 16:57:14.068341, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../libcli/security/security_token.c:63(security_token_debug)
Security token SIDs (21):
SID[ 0]: S-1-5-21-2999458101-3634337955-1355572417-500
SID[ 1]: S-1-5-21-2999458101-3634337955-1355572417-513
SID[ 2]: S-1-5-21-2999458101-3634337955-1355572417-520
SID[ 3]: S-1-5-21-2999458101-3634337955-1355572417-512
SID[ 4]: S-1-18-1
SID[ 5]: S-1-1-0
SID[ 6]: S-1-5-2
SID[ 7]: S-1-5-11
SID[ 8]: S-1-5-32-545
SID[ 9]: S-1-5-32-544
SID[ 10]: S-1-22-1-100000500
SID[ 11]: S-1-22-2-100000500
SID[ 12]: S-1-22-2-100000513
SID[ 13]: S-1-22-2-100000520
SID[ 14]: S-1-22-2-100000512
SID[ 15]: S-1-22-2-1000008
SID[ 16]: S-1-22-2-1000002
SID[ 17]: S-1-22-2-1000003
SID[ 18]: S-1-22-2-1000009
SID[ 19]: S-1-22-2-1000001
SID[ 20]: S-1-22-2-1000000
Privileges (0x 1FFFFFF0):
Privilege[ 0]: SeMachineAccountPrivilege
Privilege[ 1]: SeTakeOwnershipPrivilege
Privilege[ 2]: SeBackupPrivilege
Privilege[ 3]: SeRestorePrivilege
Privilege[ 4]: SeRemoteShutdownPrivilege
Privilege[ 5]: SePrintOperatorPrivilege
Privilege[ 6]: SeAddUsersPrivilege
Privilege[ 7]: SeDiskOperatorPrivilege
Privilege[ 8]: SeSecurityPrivilege
Privilege[ 9]: SeSystemtimePrivilege
Privilege[ 10]: SeShutdownPrivilege
Privilege[ 11]: SeDebugPrivilege
Privilege[ 12]: SeSystemEnvironmentPrivilege
Privilege[ 13]: SeSystemProfilePrivilege
Privilege[ 14]: SeProfileSingleProcessPrivilege
Privilege[ 15]: SeIncreaseBasePriorityPrivilege
Privilege[ 16]: SeLoadDriverPrivilege
Privilege[ 17]: SeCreatePagefilePrivilege
Privilege[ 18]: SeIncreaseQuotaPrivilege
Privilege[ 19]: SeChangeNotifyPrivilege
Privilege[ 20]: SeUndockPrivilege
Privilege[ 21]: SeManageVolumePrivilege
Privilege[ 22]: SeImpersonatePrivilege
Privilege[ 23]: SeCreateGlobalPrivilege
Privilege[ 24]: SeEnableDelegationPrivilege
Rights (0x 0):
[2014/03/19 16:57:14.068953, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/auth/token_util.c:528(debug_unix_user_token)
UNIX token of user 100000500
Primary group is 100000513 and contains 10 supplementary groups
Group[ 0]: 100000500
Group[ 1]: 100000513
Group[ 2]: 100000520
Group[ 3]: 100000512
Group[ 4]: 1000008
Group[ 5]: 1000002
Group[ 6]: 1000003
Group[ 7]: 1000009
Group[ 8]: 1000001
Group[ 9]: 1000000
[2014/03/19 16:57:14.069149, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/uid.c:452(smbd_become_authenticated_pipe_user)
Impersonated user: uid=(100000500,100000500), gid=(0,100000513)
[2014/03/19 16:57:14.069187, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1292(api_pipe_request)
Requested spoolss rpc service
[2014/03/19 16:57:14.069233, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1317(api_rpcTNP)
api_rpcTNP: spoolss op 0x45 - api_rpcTNP: rpc command: SPOOLSS_OPENPRINTEREX
[2014/03/19 16:57:14.069271, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1357(api_rpcTNP)
api_rpc_cmds[69].fn == 0x7f5de3038ac3
[2014/03/19 16:57:14.069311, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug)
spoolss_OpenPrinterEx: struct spoolss_OpenPrinterEx
in: struct spoolss_OpenPrinterEx
printername : *
printername : '\\samba'
datatype : NULL
devmode_ctr: struct spoolss_DevmodeContainer
_ndr_size : 0x00000000 (0)
devmode : NULL
access_mask : 0x00020002 (131074)
0: SERVER_ACCESS_ADMINISTER
1: SERVER_ACCESS_ENUMERATE
0: PRINTER_ACCESS_ADMINISTER
0: PRINTER_ACCESS_USE
0: JOB_ACCESS_ADMINISTER
0: JOB_ACCESS_READ
userlevel_ctr: struct spoolss_UserLevelCtr
level : 0x00000001 (1)
user_info : union spoolss_UserLevel(case 1)
level1 : *
level1: struct spoolss_UserLevel1
size : 0x00000028 (40)
client : *
client : 'WIN7CLI'
user : *
user : 'LEVEL1\Administrator'
build : 0x00001db1 (7601)
major : UNKNOWN_ENUM_VALUE (3)
minor : SPOOLSS_MINOR_VERSION_0 (0)
processor : PROCESSOR_ARCHITECTURE_AMD64 (9)
checking name: \\samba
[2014/03/19 16:57:14.069711, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/spoolss/srv_spoolss_nt.c:739(open_printer_hnd)
open_printer_hnd: name [\\samba]
[2014/03/19 16:57:14.069747, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:304(create_rpc_handle_internal)
Opened policy hnd[1] [0000] 00 00 00 00 13 00 00 00 00 00 00 00 29 53 5A BE ........ ....)SZ.
[0010] 88 60 00 00 .`..
[2014/03/19 16:57:14.069815, 3, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/spoolss/srv_spoolss_nt.c:507(set_printer_hnd_printertype)
Setting printer type=\\samba
Printer is a print server
[2014/03/19 16:57:14.069858, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/spoolss/srv_spoolss_nt.c:567(set_printer_hnd_name)
Setting printer name=\\samba (len=7)
[2014/03/19 16:57:14.069894, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/spoolss/srv_spoolss_nt.c:775(open_printer_hnd)
1 printer handles active
[2014/03/19 16:57:14.069926, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal)
Found policy hnd[0] [0000] 00 00 00 00 13 00 00 00 00 00 00 00 29 53 5A BE ........ ....)SZ.
[0010] 88 60 00 00 .`..
[2014/03/19 16:57:14.069982, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/spoolss/srv_spoolss_nt.c:1838(_spoolss_OpenPrinterEx)
Setting print server access = SERVER_ACCESS_ENUMERATE
[2014/03/19 16:57:14.070082, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug)
spoolss_OpenPrinterEx: struct spoolss_OpenPrinterEx
out: struct spoolss_OpenPrinterEx
handle : *
handle: struct policy_handle
handle_type : 0x00000000 (0)
uuid : 00000013-0000-0000-2953-5abe88600000
result : WERR_OK
[2014/03/19 16:57:14.070204, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1384(api_rpcTNP)
api_rpcTNP: called spoolss successfully
[2014/03/19 16:57:14.070248, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/sec_ctx.c:424(pop_sec_ctx)
pop_sec_ctx (100000500, 100000513) - sec_ctx_stack_ndx = 0
[2014/03/19 16:57:14.070295, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:402(ndr_print_debug)
&r: struct ncacn_packet
rpc_vers : 0x05 (5)
rpc_vers_minor : 0x00 (0)
ptype : DCERPC_PKT_RESPONSE (2)
pfc_flags : 0x03 (3)
1: DCERPC_PFC_FLAG_FIRST
1: DCERPC_PFC_FLAG_LAST
0: DCERPC_PFC_FLAG_PENDING_CANCEL_OR_HDR_SIGNING
0: DCERPC_PFC_FLAG_CONC_MPX
0: DCERPC_PFC_FLAG_DID_NOT_EXECUTE
0: DCERPC_PFC_FLAG_MAYBE
0: DCERPC_PFC_FLAG_OBJECT_UUID
drep: ARRAY(4)
[0] : 0x10 (16)
[1] : 0x00 (0)
[2] : 0x00 (0)
[3] : 0x00 (0)
frag_length : 0x0030 (48)
auth_length : 0x0000 (0)
call_id : 0x00000002 (2)
u : union dcerpc_payload(case 2)
response: struct dcerpc_response
alloc_hint : 0x00000018 (24)
context_id : 0x0000 (0)
cancel_count : 0x00 (0)
_pad : DATA_BLOB length=0
stub_and_verifier : DATA_BLOB length=24
[0000] 00 00 00 00 13 00 00 00 00 00 00 00 29 53 5A BE ........ ....)SZ.
[0010] 88 60 00 00 00 00 00 00 .`......
[2014/03/19 16:57:14.070687, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/rpc_server/rpc_server.c:509(named_pipe_packet_process)
Sending 1 fragments in a total of 24 bytes
[2014/03/19 16:57:14.070721, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/rpc_server/rpc_server.c:514(named_pipe_packet_process)
Sending PDU number: 0, PDU Length: 48
[2014/03/19 16:57:14.070786, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1459(smbd_smb2_request_pending_timer)
smbd_smb2_request_pending_queue: opcode[SMB2_OP_IOCTL] mid 20 going async
[2014/03/19 16:57:14.070826, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:893(smb2_set_operation_credit)
smb2_set_operation_credit: requested 1, charge 1, granted 1, current possible/max 482/512, total granted/max/low/range 31/8192/21/31
[2014/03/19 16:57:14.070860, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1554(smbd_smb2_request_pending_timer)
state->vector[0/5].iov_len = 4
state->vector[1/5].iov_len = 0
state->vector[2/5].iov_len = 64
state->vector[3/5].iov_len = 8
state->vector[4/5].iov_len = 1
[2014/03/19 16:57:14.071058, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe_hnd.c:417(np_read_recv)
Received 48 bytes. There is no more data outstanding
[2014/03/19 16:57:14.071117, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl_named_pipe.c:169(smbd_smb2_ioctl_pipe_read_done)
smbd_smb2_ioctl_pipe_read_done: np_read_recv nread = 48 is_data_outstanding = 0, status = NT_STATUS_OK
[2014/03/19 16:57:14.071166, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl.c:291(smbd_smb2_request_ioctl_done)
smbd_smb2_request_ioctl_done: smbd_smb2_ioctl_recv returned 48 status NT_STATUS_OK
[2014/03/19 16:57:14.071200, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:2548(smbd_smb2_request_done_ex)
smbd_smb2_request_done_ex: idx[1] status[NT_STATUS_OK] body[48] dyn[yes:48] at ../source3/smbd/smb2_ioctl.c:358
[2014/03/19 16:57:14.071246, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:893(smb2_set_operation_credit)
smb2_set_operation_credit: requested 1, charge 1, granted 0, current possible/max 481/512, total granted/max/low/range 31/8192/21/31
[2014/03/19 16:57:14.072320, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:3312(smbd_smb2_io_handler)
smbd_smb2_request idx[1] of 5 vectors
[2014/03/19 16:57:14.072375, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:640(smb2_validate_sequence_number)
smb2_validate_sequence_number: clearing id 21 (position 21) from bitmap
[2014/03/19 16:57:14.072412, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1923(smbd_smb2_request_dispatch)
smbd_smb2_request_dispatch: opcode[SMB2_OP_IOCTL] mid = 21
[2014/03/19 16:57:14.072450, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/uid.c:384(change_to_user)
Skipping user change - already user
[2014/03/19 16:57:14.072487, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1825(smbd_smb2_request_verify_creditcharge)
mid 21, CreditCharge: 1, NeededCharge: 1
[2014/03/19 16:57:14.072522, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl.c:394(smbd_smb2_ioctl_send)
smbd_smb2_ioctl: ctl_code[0x0011c017] spoolss, fnum 2290303473
[2014/03/19 16:57:14.072558, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl_named_pipe.c:61(smb2_ioctl_named_pipe)
smbd_smb2_ioctl_send: np_write_send of size 88
[2014/03/19 16:57:14.072590, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe_hnd.c:172(np_write_send)
np_write_send: len: 88
smbd_smb2_request_pending_queue: req->current_idx = 1
req->in.vector[0].iov_len = 0
req->in.vector[1].iov_len = 0
req->in.vector[2].iov_len = 64
req->in.vector[3].iov_len = 56
req->in.vector[4].iov_len = 88
req->out.vector[0].iov_len = 4
req->out.vector[1].iov_len = 0
req->out.vector[2].iov_len = 64
req->out.vector[3].iov_len = 8
req->out.vector[4].iov_len = 0
[2014/03/19 16:57:14.072758, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl_named_pipe.c:119(smbd_smb2_ioctl_pipe_write_done)
smbd_smb2_ioctl_pipe_write_done: received 88
[2014/03/19 16:57:14.072796, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl_named_pipe.c:140(smbd_smb2_ioctl_pipe_write_done)
smbd_smb2_ioctl_pipe_write_done: issuing np_read_send of size 1024
[2014/03/19 16:57:14.072890, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/rpc_server/rpc_server.c:441(named_pipe_packet_process)
PDU is in Little Endian format!
[2014/03/19 16:57:14.072929, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1564(process_complete_pdu)
Processing packet type 0
[2014/03/19 16:57:14.072962, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1439(dcesrv_auth_request)
Checking request auth.
[2014/03/19 16:57:14.073102, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/sec_ctx.c:216(push_sec_ctx)
push_sec_ctx(100000500, 100000513) : sec_ctx_stack_ndx = 1
[2014/03/19 16:57:14.073152, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/sec_ctx.c:316(set_sec_ctx)
setting sec ctx (100000500, 100000513) - sec_ctx_stack_ndx = 1
[2014/03/19 16:57:14.073188, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../libcli/security/security_token.c:63(security_token_debug)
Security token SIDs (21):
SID[ 0]: S-1-5-21-2999458101-3634337955-1355572417-500
SID[ 1]: S-1-5-21-2999458101-3634337955-1355572417-513
SID[ 2]: S-1-5-21-2999458101-3634337955-1355572417-520
SID[ 3]: S-1-5-21-2999458101-3634337955-1355572417-512
SID[ 4]: S-1-18-1
SID[ 5]: S-1-1-0
SID[ 6]: S-1-5-2
SID[ 7]: S-1-5-11
SID[ 8]: S-1-5-32-545
SID[ 9]: S-1-5-32-544
SID[ 10]: S-1-22-1-100000500
SID[ 11]: S-1-22-2-100000500
SID[ 12]: S-1-22-2-100000513
SID[ 13]: S-1-22-2-100000520
SID[ 14]: S-1-22-2-100000512
SID[ 15]: S-1-22-2-1000008
SID[ 16]: S-1-22-2-1000002
SID[ 17]: S-1-22-2-1000003
SID[ 18]: S-1-22-2-1000009
SID[ 19]: S-1-22-2-1000001
SID[ 20]: S-1-22-2-1000000
Privileges (0x 1FFFFFF0):
Privilege[ 0]: SeMachineAccountPrivilege
Privilege[ 1]: SeTakeOwnershipPrivilege
Privilege[ 2]: SeBackupPrivilege
Privilege[ 3]: SeRestorePrivilege
Privilege[ 4]: SeRemoteShutdownPrivilege
Privilege[ 5]: SePrintOperatorPrivilege
Privilege[ 6]: SeAddUsersPrivilege
Privilege[ 7]: SeDiskOperatorPrivilege
Privilege[ 8]: SeSecurityPrivilege
Privilege[ 9]: SeSystemtimePrivilege
Privilege[ 10]: SeShutdownPrivilege
Privilege[ 11]: SeDebugPrivilege
Privilege[ 12]: SeSystemEnvironmentPrivilege
Privilege[ 13]: SeSystemProfilePrivilege
Privilege[ 14]: SeProfileSingleProcessPrivilege
Privilege[ 15]: SeIncreaseBasePriorityPrivilege
Privilege[ 16]: SeLoadDriverPrivilege
Privilege[ 17]: SeCreatePagefilePrivilege
Privilege[ 18]: SeIncreaseQuotaPrivilege
Privilege[ 19]: SeChangeNotifyPrivilege
Privilege[ 20]: SeUndockPrivilege
Privilege[ 21]: SeManageVolumePrivilege
Privilege[ 22]: SeImpersonatePrivilege
Privilege[ 23]: SeCreateGlobalPrivilege
Privilege[ 24]: SeEnableDelegationPrivilege
Rights (0x 0):
[2014/03/19 16:57:14.074525, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/auth/token_util.c:528(debug_unix_user_token)
UNIX token of user 100000500
Primary group is 100000513 and contains 10 supplementary groups
Group[ 0]: 100000500
Group[ 1]: 100000513
Group[ 2]: 100000520
Group[ 3]: 100000512
Group[ 4]: 1000008
Group[ 5]: 1000002
Group[ 6]: 1000003
Group[ 7]: 1000009
Group[ 8]: 1000001
Group[ 9]: 1000000
[2014/03/19 16:57:14.074710, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/uid.c:452(smbd_become_authenticated_pipe_user)
Impersonated user: uid=(100000500,100000500), gid=(0,100000513)
[2014/03/19 16:57:14.074714, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1292(api_pipe_request)
Requested spoolss rpc service
[2014/03/19 16:57:14.074714, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1317(api_rpcTNP)
api_rpcTNP: spoolss op 0x1a - api_rpcTNP: rpc command: SPOOLSS_GETPRINTERDATA
[2014/03/19 16:57:14.074758, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1357(api_rpcTNP)
api_rpc_cmds[26].fn == 0x7f5de30310d9
[2014/03/19 16:57:14.074797, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug)
spoolss_GetPrinterData: struct spoolss_GetPrinterData
in: struct spoolss_GetPrinterData
handle : *
handle: struct policy_handle
handle_type : 0x00000000 (0)
uuid : 00000013-0000-0000-2953-5abe88600000
value_name : 'Architecture'
offered : 0x00000208 (520)
[2014/03/19 16:57:14.074917, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal)
Found policy hnd[0] [0000] 00 00 00 00 13 00 00 00 00 00 00 00 29 53 5A BE ........ ....)SZ.
[0010] 88 60 00 00 .`..
[2014/03/19 16:57:14.074982, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/spoolss/srv_spoolss_nt.c:9502(_spoolss_GetPrinterDataEx)
_spoolss_GetPrinterDataEx
[2014/03/19 16:57:14.075043, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/spoolss/srv_spoolss_nt.c:9505(_spoolss_GetPrinterDataEx)
_spoolss_GetPrinterDataEx: key => [PrinterDriverData], value => [Architecture]
[2014/03/19 16:57:14.075086, 8, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/spoolss/srv_spoolss_nt.c:2282(getprinterdata_printer_server)
getprinterdata_printer_server:Architecture
[2014/03/19 16:57:14.075128, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug)
spoolss_GetPrinterData: struct spoolss_GetPrinterData
out: struct spoolss_GetPrinterData
type : *
type : REG_SZ (1)
data : *
data: ARRAY(520)
[0] : 0x57 (87)
[1] : 0x00 (0)
[2] : 0x69 (105)
[3] : 0x00 (0)
[4] : 0x6e (110)
[5] : 0x00 (0)
[6] : 0x64 (100)
[7] : 0x00 (0)
[8] : 0x6f (111)
[9] : 0x00 (0)
[10] : 0x77 (119)
[11] : 0x00 (0)
[12] : 0x73 (115)
[13] : 0x00 (0)
[14] : 0x20 (32)
[15] : 0x00 (0)
[16] : 0x4e (78)
[17] : 0x00 (0)
[18] : 0x54 (84)
[19] : 0x00 (0)
[20] : 0x20 (32)
[21] : 0x00 (0)
[22] : 0x78 (120)
[23] : 0x00 (0)
[24] : 0x38 (56)
[25] : 0x00 (0)
[26] : 0x36 (54)
[27] : 0x00 (0)
[28] : 0x00 (0)
[29] : 0x00 (0)
[30] : 0x00 (0)
[31] : 0x00 (0)
[32] : 0x00 (0)
[33] : 0x00 (0)
[34] : 0x00 (0)
[35] : 0x00 (0)
[36] : 0x00 (0)
[37] : 0x00 (0)
[38] : 0x00 (0)
[39] : 0x00 (0)
[40] : 0x00 (0)
[41] : 0x00 (0)
[42] : 0x00 (0)
[43] : 0x00 (0)
[44] : 0x00 (0)
[45] : 0x00 (0)
[46] : 0x00 (0)
[47] : 0x00 (0)
[48] : 0x00 (0)
[49] : 0x00 (0)
[50] : 0x00 (0)
[51] : 0x00 (0)
[52] : 0x00 (0)
[53] : 0x00 (0)
[54] : 0x00 (0)
[55] : 0x00 (0)
[56] : 0x00 (0)
[57] : 0x00 (0)
[58] : 0x00 (0)
[59] : 0x00 (0)
[60] : 0x00 (0)
[61] : 0x00 (0)
[62] : 0x00 (0)
[63] : 0x00 (0)
[64] : 0x00 (0)
[65] : 0x00 (0)
[66] : 0x00 (0)
[67] : 0x00 (0)
[68] : 0x00 (0)
[69] : 0x00 (0)
[70] : 0x00 (0)
[71] : 0x00 (0)
[72] : 0x00 (0)
[73] : 0x00 (0)
[74] : 0x00 (0)
[75] : 0x00 (0)
[76] : 0x00 (0)
[77] : 0x00 (0)
[78] : 0x00 (0)
[79] : 0x00 (0)
[80] : 0x00 (0)
[81] : 0x00 (0)
[82] : 0x00 (0)
[83] : 0x00 (0)
[84] : 0x00 (0)
[85] : 0x00 (0)
[86] : 0x00 (0)
[87] : 0x00 (0)
[88] : 0x00 (0)
[89] : 0x00 (0)
[90] : 0x00 (0)
[91] : 0x00 (0)
[92] : 0x00 (0)
[93] : 0x00 (0)
[94] : 0x00 (0)
[95] : 0x00 (0)
[96] : 0x00 (0)
[97] : 0x00 (0)
[98] : 0x00 (0)
[99] : 0x00 (0)
[100] : 0x00 (0)
[101] : 0x00 (0)
[102] : 0x00 (0)
[103] : 0x00 (0)
[104] : 0x00 (0)
[105] : 0x00 (0)
[106] : 0x00 (0)
[107] : 0x00 (0)
[108] : 0x00 (0)
[109] : 0x00 (0)
[110] : 0x00 (0)
[111] : 0x00 (0)
[112] : 0x00 (0)
[113] : 0x00 (0)
[114] : 0x00 (0)
[115] : 0x00 (0)
[116] : 0x00 (0)
[117] : 0x00 (0)
[118] : 0x00 (0)
[119] : 0x00 (0)
[120] : 0x00 (0)
[121] : 0x00 (0)
[122] : 0x00 (0)
[123] : 0x00 (0)
[124] : 0x00 (0)
[125] : 0x00 (0)
[126] : 0x00 (0)
[127] : 0x00 (0)
[128] : 0x00 (0)
[129] : 0x00 (0)
[130] : 0x00 (0)
[131] : 0x00 (0)
[132] : 0x00 (0)
[133] : 0x00 (0)
[134] : 0x00 (0)
[135] : 0x00 (0)
[136] : 0x00 (0)
[137] : 0x00 (0)
[138] : 0x00 (0)
[139] : 0x00 (0)
[140] : 0x00 (0)
[141] : 0x00 (0)
[142] : 0x00 (0)
[143] : 0x00 (0)
[144] : 0x00 (0)
[145] : 0x00 (0)
[146] : 0x00 (0)
[147] : 0x00 (0)
[148] : 0x00 (0)
[149] : 0x00 (0)
[150] : 0x00 (0)
[151] : 0x00 (0)
[152] : 0x00 (0)
[153] : 0x00 (0)
[154] : 0x00 (0)
[155] : 0x00 (0)
[156] : 0x00 (0)
[157] : 0x00 (0)
[158] : 0x00 (0)
[159] : 0x00 (0)
[160] : 0x00 (0)
[161] : 0x00 (0)
[162] : 0x00 (0)
[163] : 0x00 (0)
[164] : 0x00 (0)
[165] : 0x00 (0)
[166] : 0x00 (0)
[167] : 0x00 (0)
[168] : 0x00 (0)
[169] : 0x00 (0)
[170] : 0x00 (0)
[171] : 0x00 (0)
[172] : 0x00 (0)
[173] : 0x00 (0)
[174] : 0x00 (0)
[175] : 0x00 (0)
[176] : 0x00 (0)
[177] : 0x00 (0)
[178] : 0x00 (0)
[179] : 0x00 (0)
[180] : 0x00 (0)
[181] : 0x00 (0)
[182] : 0x00 (0)
[183] : 0x00 (0)
[184] : 0x00 (0)
[185] : 0x00 (0)
[186] : 0x00 (0)
[187] : 0x00 (0)
[188] : 0x00 (0)
[189] : 0x00 (0)
[190] : 0x00 (0)
[191] : 0x00 (0)
[192] : 0x00 (0)
[193] : 0x00 (0)
[194] : 0x00 (0)
[195] : 0x00 (0)
[196] : 0x00 (0)
[197] : 0x00 (0)
[198] : 0x00 (0)
[199] : 0x00 (0)
[200] : 0x00 (0)
[201] : 0x00 (0)
[202] : 0x00 (0)
[203] : 0x00 (0)
[204] : 0x00 (0)
[205] : 0x00 (0)
[206] : 0x00 (0)
[207] : 0x00 (0)
[208] : 0x00 (0)
[209] : 0x00 (0)
[210] : 0x00 (0)
[211] : 0x00 (0)
[212] : 0x00 (0)
[213] : 0x00 (0)
[214] : 0x00 (0)
[215] : 0x00 (0)
[216] : 0x00 (0)
[217] : 0x00 (0)
[218] : 0x00 (0)
[219] : 0x00 (0)
[220] : 0x00 (0)
[221] : 0x00 (0)
[222] : 0x00 (0)
[223] : 0x00 (0)
[224] : 0x00 (0)
[225] : 0x00 (0)
[226] : 0x00 (0)
[227] : 0x00 (0)
[228] : 0x00 (0)
[229] : 0x00 (0)
[230] : 0x00 (0)
[231] : 0x00 (0)
[232] : 0x00 (0)
[233] : 0x00 (0)
[234] : 0x00 (0)
[235] : 0x00 (0)
[236] : 0x00 (0)
[237] : 0x00 (0)
[238] : 0x00 (0)
[239] : 0x00 (0)
[240] : 0x00 (0)
[241] : 0x00 (0)
[242] : 0x00 (0)
[243] : 0x00 (0)
[244] : 0x00 (0)
[245] : 0x00 (0)
[246] : 0x00 (0)
[247] : 0x00 (0)
[248] : 0x00 (0)
[249] : 0x00 (0)
[250] : 0x00 (0)
[251] : 0x00 (0)
[252] : 0x00 (0)
[253] : 0x00 (0)
[254] : 0x00 (0)
[255] : 0x00 (0)
[256] : 0x00 (0)
[257] : 0x00 (0)
[258] : 0x00 (0)
[259] : 0x00 (0)
[260] : 0x00 (0)
[261] : 0x00 (0)
[262] : 0x00 (0)
[263] : 0x00 (0)
[264] : 0x00 (0)
[265] : 0x00 (0)
[266] : 0x00 (0)
[267] : 0x00 (0)
[268] : 0x00 (0)
[269] : 0x00 (0)
[270] : 0x00 (0)
[271] : 0x00 (0)
[272] : 0x00 (0)
[273] : 0x00 (0)
[274] : 0x00 (0)
[275] : 0x00 (0)
[276] : 0x00 (0)
[277] : 0x00 (0)
[278] : 0x00 (0)
[279] : 0x00 (0)
[280] : 0x00 (0)
[281] : 0x00 (0)
[282] : 0x00 (0)
[283] : 0x00 (0)
[284] : 0x00 (0)
[285] : 0x00 (0)
[286] : 0x00 (0)
[287] : 0x00 (0)
[288] : 0x00 (0)
[289] : 0x00 (0)
[290] : 0x00 (0)
[291] : 0x00 (0)
[292] : 0x00 (0)
[293] : 0x00 (0)
[294] : 0x00 (0)
[295] : 0x00 (0)
[296] : 0x00 (0)
[297] : 0x00 (0)
[298] : 0x00 (0)
[299] : 0x00 (0)
[300] : 0x00 (0)
[301] : 0x00 (0)
[302] : 0x00 (0)
[303] : 0x00 (0)
[304] : 0x00 (0)
[305] : 0x00 (0)
[306] : 0x00 (0)
[307] : 0x00 (0)
[308] : 0x00 (0)
[309] : 0x00 (0)
[310] : 0x00 (0)
[311] : 0x00 (0)
[312] : 0x00 (0)
[313] : 0x00 (0)
[314] : 0x00 (0)
[315] : 0x00 (0)
[316] : 0x00 (0)
[317] : 0x00 (0)
[318] : 0x00 (0)
[319] : 0x00 (0)
[320] : 0x00 (0)
[321] : 0x00 (0)
[322] : 0x00 (0)
[323] : 0x00 (0)
[324] : 0x00 (0)
[325] : 0x00 (0)
[326] : 0x00 (0)
[327] : 0x00 (0)
[328] : 0x00 (0)
[329] : 0x00 (0)
[330] : 0x00 (0)
[331] : 0x00 (0)
[332] : 0x00 (0)
[333] : 0x00 (0)
[334] : 0x00 (0)
[335] : 0x00 (0)
[336] : 0x00 (0)
[337] : 0x00 (0)
[338] : 0x00 (0)
[339] : 0x00 (0)
[340] : 0x00 (0)
[341] : 0x00 (0)
[342] : 0x00 (0)
[343] : 0x00 (0)
[344] : 0x00 (0)
[345] : 0x00 (0)
[346] : 0x00 (0)
[347] : 0x00 (0)
[348] : 0x00 (0)
[349] : 0x00 (0)
[350] : 0x00 (0)
[351] : 0x00 (0)
[352] : 0x00 (0)
[353] : 0x00 (0)
[354] : 0x00 (0)
[355] : 0x00 (0)
[356] : 0x00 (0)
[357] : 0x00 (0)
[358] : 0x00 (0)
[359] : 0x00 (0)
[360] : 0x00 (0)
[361] : 0x00 (0)
[362] : 0x00 (0)
[363] : 0x00 (0)
[364] : 0x00 (0)
[365] : 0x00 (0)
[366] : 0x00 (0)
[367] : 0x00 (0)
[368] : 0x00 (0)
[369] : 0x00 (0)
[370] : 0x00 (0)
[371] : 0x00 (0)
[372] : 0x00 (0)
[373] : 0x00 (0)
[374] : 0x00 (0)
[375] : 0x00 (0)
[376] : 0x00 (0)
[377] : 0x00 (0)
[378] : 0x00 (0)
[379] : 0x00 (0)
[380] : 0x00 (0)
[381] : 0x00 (0)
[382] : 0x00 (0)
[383] : 0x00 (0)
[384] : 0x00 (0)
[385] : 0x00 (0)
[386] : 0x00 (0)
[387] : 0x00 (0)
[388] : 0x00 (0)
[389] : 0x00 (0)
[390] : 0x00 (0)
[391] : 0x00 (0)
[392] : 0x00 (0)
[393] : 0x00 (0)
[394] : 0x00 (0)
[395] : 0x00 (0)
[396] : 0x00 (0)
[397] : 0x00 (0)
[398] : 0x00 (0)
[399] : 0x00 (0)
[400] : 0x00 (0)
[401] : 0x00 (0)
[402] : 0x00 (0)
[403] : 0x00 (0)
[404] : 0x00 (0)
[405] : 0x00 (0)
[406] : 0x00 (0)
[407] : 0x00 (0)
[408] : 0x00 (0)
[409] : 0x00 (0)
[410] : 0x00 (0)
[411] : 0x00 (0)
[412] : 0x00 (0)
[413] : 0x00 (0)
[414] : 0x00 (0)
[415] : 0x00 (0)
[416] : 0x00 (0)
[417] : 0x00 (0)
[418] : 0x00 (0)
[419] : 0x00 (0)
[420] : 0x00 (0)
[421] : 0x00 (0)
[422] : 0x00 (0)
[423] : 0x00 (0)
[424] : 0x00 (0)
[425] : 0x00 (0)
[426] : 0x00 (0)
[427] : 0x00 (0)
[428] : 0x00 (0)
[429] : 0x00 (0)
[430] : 0x00 (0)
[431] : 0x00 (0)
[432] : 0x00 (0)
[433] : 0x00 (0)
[434] : 0x00 (0)
[435] : 0x00 (0)
[436] : 0x00 (0)
[437] : 0x00 (0)
[438] : 0x00 (0)
[439] : 0x00 (0)
[440] : 0x00 (0)
[441] : 0x00 (0)
[442] : 0x00 (0)
[443] : 0x00 (0)
[444] : 0x00 (0)
[445] : 0x00 (0)
[446] : 0x00 (0)
[447] : 0x00 (0)
[448] : 0x00 (0)
[449] : 0x00 (0)
[450] : 0x00 (0)
[451] : 0x00 (0)
[452] : 0x00 (0)
[453] : 0x00 (0)
[454] : 0x00 (0)
[455] : 0x00 (0)
[456] : 0x00 (0)
[457] : 0x00 (0)
[458] : 0x00 (0)
[459] : 0x00 (0)
[460] : 0x00 (0)
[461] : 0x00 (0)
[462] : 0x00 (0)
[463] : 0x00 (0)
[464] : 0x00 (0)
[465] : 0x00 (0)
[466] : 0x00 (0)
[467] : 0x00 (0)
[468] : 0x00 (0)
[469] : 0x00 (0)
[470] : 0x00 (0)
[471] : 0x00 (0)
[472] : 0x00 (0)
[473] : 0x00 (0)
[474] : 0x00 (0)
[475] : 0x00 (0)
[476] : 0x00 (0)
[477] : 0x00 (0)
[478] : 0x00 (0)
[479] : 0x00 (0)
[480] : 0x00 (0)
[481] : 0x00 (0)
[482] : 0x00 (0)
[483] : 0x00 (0)
[484] : 0x00 (0)
[485] : 0x00 (0)
[486] : 0x00 (0)
[487] : 0x00 (0)
[488] : 0x00 (0)
[489] : 0x00 (0)
[490] : 0x00 (0)
[491] : 0x00 (0)
[492] : 0x00 (0)
[493] : 0x00 (0)
[494] : 0x00 (0)
[495] : 0x00 (0)
[496] : 0x00 (0)
[497] : 0x00 (0)
[498] : 0x00 (0)
[499] : 0x00 (0)
[500] : 0x00 (0)
[501] : 0x00 (0)
[502] : 0x00 (0)
[503] : 0x00 (0)
[504] : 0x00 (0)
[505] : 0x00 (0)
[506] : 0x00 (0)
[507] : 0x00 (0)
[508] : 0x00 (0)
[509] : 0x00 (0)
[510] : 0x00 (0)
[511] : 0x00 (0)
[512] : 0x00 (0)
[513] : 0x00 (0)
[514] : 0x00 (0)
[515] : 0x00 (0)
[516] : 0x00 (0)
[517] : 0x00 (0)
[518] : 0x00 (0)
[519] : 0x00 (0)
needed : *
needed : 0x0000001e (30)
result : WERR_OK
[2014/03/19 16:57:14.081560, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1384(api_rpcTNP)
api_rpcTNP: called spoolss successfully
[2014/03/19 16:57:14.081601, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/sec_ctx.c:424(pop_sec_ctx)
pop_sec_ctx (100000500, 100000513) - sec_ctx_stack_ndx = 0
[2014/03/19 16:57:14.081639, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:402(ndr_print_debug)
&r: struct ncacn_packet
rpc_vers : 0x05 (5)
rpc_vers_minor : 0x00 (0)
ptype : DCERPC_PKT_RESPONSE (2)
pfc_flags : 0x03 (3)
1: DCERPC_PFC_FLAG_FIRST
1: DCERPC_PFC_FLAG_LAST
0: DCERPC_PFC_FLAG_PENDING_CANCEL_OR_HDR_SIGNING
0: DCERPC_PFC_FLAG_CONC_MPX
0: DCERPC_PFC_FLAG_DID_NOT_EXECUTE
0: DCERPC_PFC_FLAG_MAYBE
0: DCERPC_PFC_FLAG_OBJECT_UUID
drep: ARRAY(4)
[0] : 0x10 (16)
[1] : 0x00 (0)
[2] : 0x00 (0)
[3] : 0x00 (0)
frag_length : 0x0230 (560)
auth_length : 0x0000 (0)
call_id : 0x00000003 (3)
u : union dcerpc_payload(case 2)
response: struct dcerpc_response
alloc_hint : 0x00000218 (536)
context_id : 0x0000 (0)
cancel_count : 0x00 (0)
_pad : DATA_BLOB length=0
stub_and_verifier : DATA_BLOB length=536
[0000] 01 00 00 00 08 02 00 00 57 00 69 00 6E 00 64 00 ........ W.i.n.d.
[0010] 6F 00 77 00 73 00 20 00 4E 00 54 00 20 00 78 00 o.w.s. . N.T. .x.
[0020] 38 00 36 00 00 00 00 00 00 00 00 00 00 00 00 00 8.6..... ........
[0030] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0040] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0050] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0060] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0070] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0080] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0090] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[00A0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[00B0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[00C0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[00D0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[00E0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[00F0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0100] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0110] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0120] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0130] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0140] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0150] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0160] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0170] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0180] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0190] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[01A0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[01B0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[01C0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[01D0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[01E0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[01F0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0200] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0210] 1E 00 00 00 00 00 00 00 ........
[2014/03/19 16:57:14.082665, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/rpc_server/rpc_server.c:509(named_pipe_packet_process)
Sending 1 fragments in a total of 536 bytes
[2014/03/19 16:57:14.082695, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/rpc_server/rpc_server.c:514(named_pipe_packet_process)
Sending PDU number: 0, PDU Length: 560
[2014/03/19 16:57:14.082743, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1459(smbd_smb2_request_pending_timer)
smbd_smb2_request_pending_queue: opcode[SMB2_OP_IOCTL] mid 21 going async
[2014/03/19 16:57:14.082777, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:893(smb2_set_operation_credit)
smb2_set_operation_credit: requested 1, charge 1, granted 1, current possible/max 482/512, total granted/max/low/range 31/8192/22/31
[2014/03/19 16:57:14.082811, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1554(smbd_smb2_request_pending_timer)
state->vector[0/5].iov_len = 4
state->vector[1/5].iov_len = 0
state->vector[2/5].iov_len = 64
state->vector[3/5].iov_len = 8
state->vector[4/5].iov_len = 1
[2014/03/19 16:57:14.082946, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe_hnd.c:417(np_read_recv)
Received 560 bytes. There is no more data outstanding
[2014/03/19 16:57:14.082982, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl_named_pipe.c:169(smbd_smb2_ioctl_pipe_read_done)
smbd_smb2_ioctl_pipe_read_done: np_read_recv nread = 560 is_data_outstanding = 0, status = NT_STATUS_OK
[2014/03/19 16:57:14.083044, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl.c:291(smbd_smb2_request_ioctl_done)
smbd_smb2_request_ioctl_done: smbd_smb2_ioctl_recv returned 560 status NT_STATUS_OK
[2014/03/19 16:57:14.083084, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:2548(smbd_smb2_request_done_ex)
smbd_smb2_request_done_ex: idx[1] status[NT_STATUS_OK] body[48] dyn[yes:560] at ../source3/smbd/smb2_ioctl.c:358
[2014/03/19 16:57:14.083115, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:893(smb2_set_operation_credit)
smb2_set_operation_credit: requested 1, charge 1, granted 0, current possible/max 481/512, total granted/max/low/range 31/8192/22/31
[2014/03/19 16:57:14.083498, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:3312(smbd_smb2_io_handler)
smbd_smb2_request idx[1] of 5 vectors
[2014/03/19 16:57:14.083536, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:640(smb2_validate_sequence_number)
smb2_validate_sequence_number: clearing id 22 (position 22) from bitmap
[2014/03/19 16:57:14.083568, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1923(smbd_smb2_request_dispatch)
smbd_smb2_request_dispatch: opcode[SMB2_OP_IOCTL] mid = 22
[2014/03/19 16:57:14.083602, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/uid.c:384(change_to_user)
Skipping user change - already user
[2014/03/19 16:57:14.083635, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1825(smbd_smb2_request_verify_creditcharge)
mid 22, CreditCharge: 1, NeededCharge: 1
[2014/03/19 16:57:14.083667, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl.c:394(smbd_smb2_ioctl_send)
smbd_smb2_ioctl: ctl_code[0x0011c017] spoolss, fnum 2290303473
[2014/03/19 16:57:14.083699, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl_named_pipe.c:61(smb2_ioctl_named_pipe)
smbd_smb2_ioctl_send: np_write_send of size 88
[2014/03/19 16:57:14.083729, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe_hnd.c:172(np_write_send)
np_write_send: len: 88
smbd_smb2_request_pending_queue: req->current_idx = 1
req->in.vector[0].iov_len = 0
req->in.vector[1].iov_len = 0
req->in.vector[2].iov_len = 64
req->in.vector[3].iov_len = 56
req->in.vector[4].iov_len = 88
req->out.vector[0].iov_len = 4
req->out.vector[1].iov_len = 0
req->out.vector[2].iov_len = 64
req->out.vector[3].iov_len = 8
req->out.vector[4].iov_len = 0
[2014/03/19 16:57:14.083881, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl_named_pipe.c:119(smbd_smb2_ioctl_pipe_write_done)
smbd_smb2_ioctl_pipe_write_done: received 88
[2014/03/19 16:57:14.083921, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl_named_pipe.c:140(smbd_smb2_ioctl_pipe_write_done)
smbd_smb2_ioctl_pipe_write_done: issuing np_read_send of size 1024
[2014/03/19 16:57:14.083988, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/rpc_server/rpc_server.c:441(named_pipe_packet_process)
PDU is in Little Endian format!
[2014/03/19 16:57:14.084048, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1564(process_complete_pdu)
Processing packet type 0
[2014/03/19 16:57:14.084089, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1439(dcesrv_auth_request)
Checking request auth.
[2014/03/19 16:57:14.084123, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/sec_ctx.c:216(push_sec_ctx)
push_sec_ctx(100000500, 100000513) : sec_ctx_stack_ndx = 1
[2014/03/19 16:57:14.084157, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/sec_ctx.c:316(set_sec_ctx)
setting sec ctx (100000500, 100000513) - sec_ctx_stack_ndx = 1
[2014/03/19 16:57:14.084188, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../libcli/security/security_token.c:63(security_token_debug)
Security token SIDs (21):
SID[ 0]: S-1-5-21-2999458101-3634337955-1355572417-500
SID[ 1]: S-1-5-21-2999458101-3634337955-1355572417-513
SID[ 2]: S-1-5-21-2999458101-3634337955-1355572417-520
SID[ 3]: S-1-5-21-2999458101-3634337955-1355572417-512
SID[ 4]: S-1-18-1
SID[ 5]: S-1-1-0
SID[ 6]: S-1-5-2
SID[ 7]: S-1-5-11
SID[ 8]: S-1-5-32-545
SID[ 9]: S-1-5-32-544
SID[ 10]: S-1-22-1-100000500
SID[ 11]: S-1-22-2-100000500
SID[ 12]: S-1-22-2-100000513
SID[ 13]: S-1-22-2-100000520
SID[ 14]: S-1-22-2-100000512
SID[ 15]: S-1-22-2-1000008
SID[ 16]: S-1-22-2-1000002
SID[ 17]: S-1-22-2-1000003
SID[ 18]: S-1-22-2-1000009
SID[ 19]: S-1-22-2-1000001
SID[ 20]: S-1-22-2-1000000
Privileges (0x 1FFFFFF0):
Privilege[ 0]: SeMachineAccountPrivilege
Privilege[ 1]: SeTakeOwnershipPrivilege
Privilege[ 2]: SeBackupPrivilege
Privilege[ 3]: SeRestorePrivilege
Privilege[ 4]: SeRemoteShutdownPrivilege
Privilege[ 5]: SePrintOperatorPrivilege
Privilege[ 6]: SeAddUsersPrivilege
Privilege[ 7]: SeDiskOperatorPrivilege
Privilege[ 8]: SeSecurityPrivilege
Privilege[ 9]: SeSystemtimePrivilege
Privilege[ 10]: SeShutdownPrivilege
Privilege[ 11]: SeDebugPrivilege
Privilege[ 12]: SeSystemEnvironmentPrivilege
Privilege[ 13]: SeSystemProfilePrivilege
Privilege[ 14]: SeProfileSingleProcessPrivilege
Privilege[ 15]: SeIncreaseBasePriorityPrivilege
Privilege[ 16]: SeLoadDriverPrivilege
Privilege[ 17]: SeCreatePagefilePrivilege
Privilege[ 18]: SeIncreaseQuotaPrivilege
Privilege[ 19]: SeChangeNotifyPrivilege
Privilege[ 20]: SeUndockPrivilege
Privilege[ 21]: SeManageVolumePrivilege
Privilege[ 22]: SeImpersonatePrivilege
Privilege[ 23]: SeCreateGlobalPrivilege
Privilege[ 24]: SeEnableDelegationPrivilege
Rights (0x 0):
[2014/03/19 16:57:14.084645, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/auth/token_util.c:528(debug_unix_user_token)
UNIX token of user 100000500
Primary group is 100000513 and contains 10 supplementary groups
Group[ 0]: 100000500
Group[ 1]: 100000513
Group[ 2]: 100000520
Group[ 3]: 100000512
Group[ 4]: 1000008
Group[ 5]: 1000002
Group[ 6]: 1000003
Group[ 7]: 1000009
Group[ 8]: 1000001
Group[ 9]: 1000000
[2014/03/19 16:57:14.084645, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/uid.c:452(smbd_become_authenticated_pipe_user)
Impersonated user: uid=(100000500,100000500), gid=(0,100000513)
[2014/03/19 16:57:14.084683, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1292(api_pipe_request)
Requested spoolss rpc service
[2014/03/19 16:57:14.084719, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1317(api_rpcTNP)
api_rpcTNP: spoolss op 0x1a - api_rpcTNP: rpc command: SPOOLSS_GETPRINTERDATA
[2014/03/19 16:57:14.084750, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1357(api_rpcTNP)
api_rpc_cmds[26].fn == 0x7f5de30310d9
[2014/03/19 16:57:14.084783, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug)
spoolss_GetPrinterData: struct spoolss_GetPrinterData
in: struct spoolss_GetPrinterData
handle : *
handle: struct policy_handle
handle_type : 0x00000000 (0)
uuid : 00000013-0000-0000-2953-5abe88600000
value_name : 'MajorVersion'
offered : 0x00000004 (4)
[2014/03/19 16:57:14.084887, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal)
Found policy hnd[0] [0000] 00 00 00 00 13 00 00 00 00 00 00 00 29 53 5A BE ........ ....)SZ.
[0010] 88 60 00 00 .`..
[2014/03/19 16:57:14.084938, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/spoolss/srv_spoolss_nt.c:9502(_spoolss_GetPrinterDataEx)
_spoolss_GetPrinterDataEx
[2014/03/19 16:57:14.084965, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/spoolss/srv_spoolss_nt.c:9505(_spoolss_GetPrinterDataEx)
_spoolss_GetPrinterDataEx: key => [PrinterDriverData], value => [MajorVersion]
[2014/03/19 16:57:14.085043, 8, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/spoolss/srv_spoolss_nt.c:2282(getprinterdata_printer_server)
getprinterdata_printer_server:MajorVersion
[2014/03/19 16:57:14.085086, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug)
spoolss_GetPrinterData: struct spoolss_GetPrinterData
out: struct spoolss_GetPrinterData
type : *
type : REG_DWORD (4)
data : *
data: ARRAY(4)
[0] : 0x03 (3)
[1] : 0x00 (0)
[2] : 0x00 (0)
[3] : 0x00 (0)
needed : *
needed : 0x00000004 (4)
result : WERR_OK
[2014/03/19 16:57:14.085236, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1384(api_rpcTNP)
api_rpcTNP: called spoolss successfully
[2014/03/19 16:57:14.085273, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/sec_ctx.c:424(pop_sec_ctx)
pop_sec_ctx (100000500, 100000513) - sec_ctx_stack_ndx = 0
[2014/03/19 16:57:14.085309, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:402(ndr_print_debug)
&r: struct ncacn_packet
rpc_vers : 0x05 (5)
rpc_vers_minor : 0x00 (0)
ptype : DCERPC_PKT_RESPONSE (2)
pfc_flags : 0x03 (3)
1: DCERPC_PFC_FLAG_FIRST
1: DCERPC_PFC_FLAG_LAST
0: DCERPC_PFC_FLAG_PENDING_CANCEL_OR_HDR_SIGNING
0: DCERPC_PFC_FLAG_CONC_MPX
0: DCERPC_PFC_FLAG_DID_NOT_EXECUTE
0: DCERPC_PFC_FLAG_MAYBE
0: DCERPC_PFC_FLAG_OBJECT_UUID
drep: ARRAY(4)
[0] : 0x10 (16)
[1] : 0x00 (0)
[2] : 0x00 (0)
[3] : 0x00 (0)
frag_length : 0x002c (44)
auth_length : 0x0000 (0)
call_id : 0x00000004 (4)
u : union dcerpc_payload(case 2)
response: struct dcerpc_response
alloc_hint : 0x00000014 (20)
context_id : 0x0000 (0)
cancel_count : 0x00 (0)
_pad : DATA_BLOB length=0
stub_and_verifier : DATA_BLOB length=20
[0000] 04 00 00 00 04 00 00 00 03 00 00 00 04 00 00 00 ........ ........
[0010] 00 00 00 00 ....
[2014/03/19 16:57:14.085649, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/rpc_server/rpc_server.c:509(named_pipe_packet_process)
Sending 1 fragments in a total of 20 bytes
[2014/03/19 16:57:14.085679, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/rpc_server/rpc_server.c:514(named_pipe_packet_process)
Sending PDU number: 0, PDU Length: 44
[2014/03/19 16:57:14.085727, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1459(smbd_smb2_request_pending_timer)
smbd_smb2_request_pending_queue: opcode[SMB2_OP_IOCTL] mid 22 going async
[2014/03/19 16:57:14.085760, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:893(smb2_set_operation_credit)
smb2_set_operation_credit: requested 1, charge 1, granted 1, current possible/max 482/512, total granted/max/low/range 31/8192/23/31
[2014/03/19 16:57:14.085789, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1554(smbd_smb2_request_pending_timer)
state->vector[0/5].iov_len = 4
state->vector[1/5].iov_len = 0
state->vector[2/5].iov_len = 64
state->vector[3/5].iov_len = 8
state->vector[4/5].iov_len = 1
[2014/03/19 16:57:14.085907, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe_hnd.c:417(np_read_recv)
Received 44 bytes. There is no more data outstanding
[2014/03/19 16:57:14.085942, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl_named_pipe.c:169(smbd_smb2_ioctl_pipe_read_done)
smbd_smb2_ioctl_pipe_read_done: np_read_recv nread = 44 is_data_outstanding = 0, status = NT_STATUS_OK
[2014/03/19 16:57:14.085974, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl.c:291(smbd_smb2_request_ioctl_done)
smbd_smb2_request_ioctl_done: smbd_smb2_ioctl_recv returned 44 status NT_STATUS_OK
[2014/03/19 16:57:14.086072, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:2548(smbd_smb2_request_done_ex)
smbd_smb2_request_done_ex: idx[1] status[NT_STATUS_OK] body[48] dyn[yes:44] at ../source3/smbd/smb2_ioctl.c:358
[2014/03/19 16:57:14.086112, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:893(smb2_set_operation_credit)
smb2_set_operation_credit: requested 1, charge 1, granted 0, current possible/max 481/512, total granted/max/low/range 31/8192/23/31
[2014/03/19 16:57:14.086594, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:3312(smbd_smb2_io_handler)
smbd_smb2_request idx[1] of 5 vectors
[2014/03/19 16:57:14.086773, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:640(smb2_validate_sequence_number)
smb2_validate_sequence_number: clearing id 23 (position 23) from bitmap
[2014/03/19 16:57:14.086858, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1923(smbd_smb2_request_dispatch)
smbd_smb2_request_dispatch: opcode[SMB2_OP_IOCTL] mid = 23
[2014/03/19 16:57:14.087123, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/uid.c:384(change_to_user)
Skipping user change - already user
[2014/03/19 16:57:14.087248, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1825(smbd_smb2_request_verify_creditcharge)
mid 23, CreditCharge: 1, NeededCharge: 1
[2014/03/19 16:57:14.087300, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl.c:394(smbd_smb2_ioctl_send)
smbd_smb2_ioctl: ctl_code[0x0011c017] spoolss, fnum 2290303473
[2014/03/19 16:57:14.087360, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl_named_pipe.c:61(smb2_ioctl_named_pipe)
smbd_smb2_ioctl_send: np_write_send of size 44
[2014/03/19 16:57:14.087404, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe_hnd.c:172(np_write_send)
np_write_send: len: 44
smbd_smb2_request_pending_queue: req->current_idx = 1
req->in.vector[0].iov_len = 0
req->in.vector[1].iov_len = 0
req->in.vector[2].iov_len = 64
req->in.vector[3].iov_len = 56
req->in.vector[4].iov_len = 44
req->out.vector[0].iov_len = 4
req->out.vector[1].iov_len = 0
req->out.vector[2].iov_len = 64
req->out.vector[3].iov_len = 8
req->out.vector[4].iov_len = 0
[2014/03/19 16:57:14.087607, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl_named_pipe.c:119(smbd_smb2_ioctl_pipe_write_done)
smbd_smb2_ioctl_pipe_write_done: received 44
[2014/03/19 16:57:14.087662, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl_named_pipe.c:140(smbd_smb2_ioctl_pipe_write_done)
smbd_smb2_ioctl_pipe_write_done: issuing np_read_send of size 1024
[2014/03/19 16:57:14.087769, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/rpc_server/rpc_server.c:441(named_pipe_packet_process)
PDU is in Little Endian format!
[2014/03/19 16:57:14.087807, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1564(process_complete_pdu)
Processing packet type 0
[2014/03/19 16:57:14.087831, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1439(dcesrv_auth_request)
Checking request auth.
[2014/03/19 16:57:14.087889, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/sec_ctx.c:216(push_sec_ctx)
push_sec_ctx(100000500, 100000513) : sec_ctx_stack_ndx = 1
[2014/03/19 16:57:14.087931, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/sec_ctx.c:316(set_sec_ctx)
setting sec ctx (100000500, 100000513) - sec_ctx_stack_ndx = 1
[2014/03/19 16:57:14.087962, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../libcli/security/security_token.c:63(security_token_debug)
Security token SIDs (21):
SID[ 0]: S-1-5-21-2999458101-3634337955-1355572417-500
SID[ 1]: S-1-5-21-2999458101-3634337955-1355572417-513
SID[ 2]: S-1-5-21-2999458101-3634337955-1355572417-520
SID[ 3]: S-1-5-21-2999458101-3634337955-1355572417-512
SID[ 4]: S-1-18-1
SID[ 5]: S-1-1-0
SID[ 6]: S-1-5-2
SID[ 7]: S-1-5-11
SID[ 8]: S-1-5-32-545
SID[ 9]: S-1-5-32-544
SID[ 10]: S-1-22-1-100000500
SID[ 11]: S-1-22-2-100000500
SID[ 12]: S-1-22-2-100000513
SID[ 13]: S-1-22-2-100000520
SID[ 14]: S-1-22-2-100000512
SID[ 15]: S-1-22-2-1000008
SID[ 16]: S-1-22-2-1000002
SID[ 17]: S-1-22-2-1000003
SID[ 18]: S-1-22-2-1000009
SID[ 19]: S-1-22-2-1000001
SID[ 20]: S-1-22-2-1000000
Privileges (0x 1FFFFFF0):
Privilege[ 0]: SeMachineAccountPrivilege
Privilege[ 1]: SeTakeOwnershipPrivilege
Privilege[ 2]: SeBackupPrivilege
Privilege[ 3]: SeRestorePrivilege
Privilege[ 4]: SeRemoteShutdownPrivilege
Privilege[ 5]: SePrintOperatorPrivilege
Privilege[ 6]: SeAddUsersPrivilege
Privilege[ 7]: SeDiskOperatorPrivilege
Privilege[ 8]: SeSecurityPrivilege
Privilege[ 9]: SeSystemtimePrivilege
Privilege[ 10]: SeShutdownPrivilege
Privilege[ 11]: SeDebugPrivilege
Privilege[ 12]: SeSystemEnvironmentPrivilege
Privilege[ 13]: SeSystemProfilePrivilege
Privilege[ 14]: SeProfileSingleProcessPrivilege
Privilege[ 15]: SeIncreaseBasePriorityPrivilege
Privilege[ 16]: SeLoadDriverPrivilege
Privilege[ 17]: SeCreatePagefilePrivilege
Privilege[ 18]: SeIncreaseQuotaPrivilege
Privilege[ 19]: SeChangeNotifyPrivilege
Privilege[ 20]: SeUndockPrivilege
Privilege[ 21]: SeManageVolumePrivilege
Privilege[ 22]: SeImpersonatePrivilege
Privilege[ 23]: SeCreateGlobalPrivilege
Privilege[ 24]: SeEnableDelegationPrivilege
Rights (0x 0):
[2014/03/19 16:57:14.088610, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/auth/token_util.c:528(debug_unix_user_token)
UNIX token of user 100000500
Primary group is 100000513 and contains 10 supplementary groups
Group[ 0]: 100000500
Group[ 1]: 100000513
Group[ 2]: 100000520
Group[ 3]: 100000512
Group[ 4]: 1000008
Group[ 5]: 1000002
Group[ 6]: 1000003
Group[ 7]: 1000009
Group[ 8]: 1000001
Group[ 9]: 1000000
[2014/03/19 16:57:14.088785, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/uid.c:452(smbd_become_authenticated_pipe_user)
Impersonated user: uid=(100000500,100000500), gid=(0,100000513)
[2014/03/19 16:57:14.088816, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1292(api_pipe_request)
Requested spoolss rpc service
[2014/03/19 16:57:14.088857, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1317(api_rpcTNP)
api_rpcTNP: spoolss op 0x1d - api_rpcTNP: rpc command: SPOOLSS_CLOSEPRINTER
[2014/03/19 16:57:14.088887, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1357(api_rpcTNP)
api_rpc_cmds[29].fn == 0x7f5de30319b4
[2014/03/19 16:57:14.088927, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug)
spoolss_ClosePrinter: struct spoolss_ClosePrinter
in: struct spoolss_ClosePrinter
handle : *
handle: struct policy_handle
handle_type : 0x00000000 (0)
uuid : 00000013-0000-0000-2953-5abe88600000
[2014/03/19 16:57:14.089098, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal)
Found policy hnd[0] [0000] 00 00 00 00 13 00 00 00 00 00 00 00 29 53 5A BE ........ ....)SZ.
[0010] 88 60 00 00 .`..
[2014/03/19 16:57:14.089161, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal)
Found policy hnd[0] [0000] 00 00 00 00 13 00 00 00 00 00 00 00 29 53 5A BE ........ ....)SZ.
[0010] 88 60 00 00 .`..
[2014/03/19 16:57:14.089221, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal)
Found policy hnd[0] [0000] 00 00 00 00 13 00 00 00 00 00 00 00 29 53 5A BE ........ ....)SZ.
[0010] 88 60 00 00 .`..
[2014/03/19 16:57:14.089280, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:388(close_policy_hnd)
Closed policy
[2014/03/19 16:57:14.089308, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug)
spoolss_ClosePrinter: struct spoolss_ClosePrinter
out: struct spoolss_ClosePrinter
handle : *
handle: struct policy_handle
handle_type : 0x00000000 (0)
uuid : 00000000-0000-0000-0000-000000000000
result : WERR_OK
[2014/03/19 16:57:14.089442, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1384(api_rpcTNP)
api_rpcTNP: called spoolss successfully
[2014/03/19 16:57:14.089479, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/sec_ctx.c:424(pop_sec_ctx)
pop_sec_ctx (100000500, 100000513) - sec_ctx_stack_ndx = 0
[2014/03/19 16:57:14.089537, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:402(ndr_print_debug)
&r: struct ncacn_packet
rpc_vers : 0x05 (5)
rpc_vers_minor : 0x00 (0)
ptype : DCERPC_PKT_RESPONSE (2)
pfc_flags : 0x03 (3)
1: DCERPC_PFC_FLAG_FIRST
1: DCERPC_PFC_FLAG_LAST
0: DCERPC_PFC_FLAG_PENDING_CANCEL_OR_HDR_SIGNING
0: DCERPC_PFC_FLAG_CONC_MPX
0: DCERPC_PFC_FLAG_DID_NOT_EXECUTE
0: DCERPC_PFC_FLAG_MAYBE
0: DCERPC_PFC_FLAG_OBJECT_UUID
drep: ARRAY(4)
[0] : 0x10 (16)
[1] : 0x00 (0)
[2] : 0x00 (0)
[3] : 0x00 (0)
frag_length : 0x0030 (48)
auth_length : 0x0000 (0)
call_id : 0x00000005 (5)
u : union dcerpc_payload(case 2)
response: struct dcerpc_response
alloc_hint : 0x00000018 (24)
context_id : 0x0000 (0)
cancel_count : 0x00 (0)
_pad : DATA_BLOB length=0
stub_and_verifier : DATA_BLOB length=24
[0000] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0010] 00 00 00 00 00 00 00 00 ........
[2014/03/19 16:57:14.089960, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/rpc_server/rpc_server.c:509(named_pipe_packet_process)
Sending 1 fragments in a total of 24 bytes
[2014/03/19 16:57:14.090067, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/rpc_server/rpc_server.c:514(named_pipe_packet_process)
Sending PDU number: 0, PDU Length: 48
[2014/03/19 16:57:14.090129, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1459(smbd_smb2_request_pending_timer)
smbd_smb2_request_pending_queue: opcode[SMB2_OP_IOCTL] mid 23 going async
[2014/03/19 16:57:14.090173, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:893(smb2_set_operation_credit)
smb2_set_operation_credit: requested 1, charge 1, granted 1, current possible/max 482/512, total granted/max/low/range 31/8192/24/31
[2014/03/19 16:57:14.090203, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1554(smbd_smb2_request_pending_timer)
state->vector[0/5].iov_len = 4
state->vector[1/5].iov_len = 0
state->vector[2/5].iov_len = 64
state->vector[3/5].iov_len = 8
state->vector[4/5].iov_len = 1
[2014/03/19 16:57:14.090394, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe_hnd.c:417(np_read_recv)
Received 48 bytes. There is no more data outstanding
[2014/03/19 16:57:14.090440, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl_named_pipe.c:169(smbd_smb2_ioctl_pipe_read_done)
smbd_smb2_ioctl_pipe_read_done: np_read_recv nread = 48 is_data_outstanding = 0, status = NT_STATUS_OK
[2014/03/19 16:57:14.090495, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl.c:291(smbd_smb2_request_ioctl_done)
smbd_smb2_request_ioctl_done: smbd_smb2_ioctl_recv returned 48 status NT_STATUS_OK
[2014/03/19 16:57:14.090573, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:2548(smbd_smb2_request_done_ex)
smbd_smb2_request_done_ex: idx[1] status[NT_STATUS_OK] body[48] dyn[yes:48] at ../source3/smbd/smb2_ioctl.c:358
[2014/03/19 16:57:14.090633, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:893(smb2_set_operation_credit)
smb2_set_operation_credit: requested 1, charge 1, granted 0, current possible/max 481/512, total granted/max/low/range 31/8192/24/31
[2014/03/19 16:57:14.090853, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:3312(smbd_smb2_io_handler)
smbd_smb2_request idx[1] of 5 vectors
[2014/03/19 16:57:14.090891, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:640(smb2_validate_sequence_number)
smb2_validate_sequence_number: clearing id 24 (position 24) from bitmap
[2014/03/19 16:57:14.090920, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1923(smbd_smb2_request_dispatch)
smbd_smb2_request_dispatch: opcode[SMB2_OP_CREATE] mid = 24
[2014/03/19 16:57:14.090952, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/uid.c:384(change_to_user)
Skipping user change - already user
[2014/03/19 16:57:14.091072, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_create.c:447(smbd_smb2_create_send)
smbd_smb2_create: name[spoolss]
[2014/03/19 16:57:14.091119, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap.c:178(dbwrap_check_lock_order)
check lock order 1 for /var/lib/samba/smbXsrv_open_global.tdb
[2014/03/19 16:57:14.091159, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order)
lock order: 1:/var/lib/samba/smbXsrv_open_global.tdb 2:<none> 3:<none>
[2014/03/19 16:57:14.091199, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key)
Locking key 5AE05CE9
[2014/03/19 16:57:14.091233, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap_tdb.c:143(db_tdb_fetch_locked_internal)
Allocated locked data 0x0x7f5de586e030
[2014/03/19 16:57:14.091306, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smbXsrv_open.c:698(smbXsrv_open_global_store)
smbXsrv_open_global_store: key '5AE05CE9' stored
[2014/03/19 16:57:14.091350, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:402(ndr_print_debug)
&global_blob: struct smbXsrv_open_globalB
version : SMBXSRV_VERSION_0 (0)
seqnum : 0x00000001 (1)
info : union smbXsrv_open_globalU(case 0)
info0 : *
info0: struct smbXsrv_open_global0
db_rec : *
server_id: struct server_id
pid : 0x0000000000006088 (24712)
task_id : 0x00000000 (0)
vnn : 0xffffffff (4294967295)
unique_id : 0xbaf687627b33e8dd (-4974639881340589859)
open_global_id : 0x5ae05ce9 (1524653289)
open_persistent_id : 0x000000005ae05ce9 (1524653289)
open_volatile_id : 0x0000000000365634 (3561012)
open_owner : S-1-5-21-2999458101-3634337955-1355572417-500
open_time : Wed Mar 19 04:57:14 PM 2014 CET
create_guid : 00000000-0000-0000-0000-000000000000
client_guid : fb516d75-adcf-11e3-a4ab-0800274a4c7e
app_instance_id : 00000000-0000-0000-0000-000000000000
disconnect_time : NTTIME(0)
durable_timeout_msec : 0x00000000 (0)
durable : 0x00 (0)
backend_cookie : DATA_BLOB length=0
[2014/03/19 16:57:14.091710, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key)
Unlocking key 5AE05CE9
[2014/03/19 16:57:14.091751, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap.c:146(dbwrap_lock_order_state_destructor)
release lock order 1 for /var/lib/samba/smbXsrv_open_global.tdb
[2014/03/19 16:57:14.091781, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order)
lock order: 1:<none> 2:<none> 3:<none>
[2014/03/19 16:57:14.091821, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smbXsrv_open.c:871(smbXsrv_open_create)
smbXsrv_open_create: global_id (0x5ae05ce9) stored
[2014/03/19 16:57:14.091849, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:402(ndr_print_debug)
&open_blob: struct smbXsrv_openB
version : SMBXSRV_VERSION_0 (0)
reserved : 0x00000000 (0)
info : union smbXsrv_openU(case 0)
info0 : *
info0: struct smbXsrv_open
table : *
db_rec : NULL
local_id : 0x00365634 (3561012)
global : *
global: struct smbXsrv_open_global0
db_rec : NULL
server_id: struct server_id
pid : 0x0000000000006088 (24712)
task_id : 0x00000000 (0)
vnn : 0xffffffff (4294967295)
unique_id : 0xbaf687627b33e8dd (-4974639881340589859)
open_global_id : 0x5ae05ce9 (1524653289)
open_persistent_id : 0x000000005ae05ce9 (1524653289)
open_volatile_id : 0x0000000000365634 (3561012)
open_owner : S-1-5-21-2999458101-3634337955-1355572417-500
open_time : Wed Mar 19 04:57:14 PM 2014 CET
create_guid : 00000000-0000-0000-0000-000000000000
client_guid : fb516d75-adcf-11e3-a4ab-0800274a4c7e
app_instance_id : 00000000-0000-0000-0000-000000000000
disconnect_time : NTTIME(0)
durable_timeout_msec : 0x00000000 (0)
durable : 0x00 (0)
backend_cookie : DATA_BLOB length=0
status : NT_STATUS_OK
idle_time : Wed Mar 19 04:57:14 PM 2014 CET
compat : NULL
[2014/03/19 16:57:14.092409, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/files.c:125(file_new)
allocated file structure fnum 3561012 (2 used)
[2014/03/19 16:57:14.092453, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/files.c:752(file_name_hash)
file_name_hash: /tmp/spoolss hash 0x7d4e46e5
[2014/03/19 16:57:14.092504, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_ncacn_np.c:89(make_internal_rpc_pipe_socketpair)
Create of internal pipe spoolss requested
[2014/03/19 16:57:14.092618, 8, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/dosmode.c:698(dos_mode)
dos_mode: spoolss
[2014/03/19 16:57:14.092680, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_create.c:1090(smbd_smb2_create_send)
smbd_smb2_create_send: spoolss - fnum 3561012
[2014/03/19 16:57:14.092718, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:2548(smbd_smb2_request_done_ex)
smbd_smb2_request_done_ex: idx[1] status[NT_STATUS_OK] body[88] dyn[yes:0] at ../source3/smbd/smb2_create.c:364
[2014/03/19 16:57:14.092759, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:893(smb2_set_operation_credit)
smb2_set_operation_credit: requested 1, charge 1, granted 1, current possible/max 482/512, total granted/max/low/range 31/8192/25/31
[2014/03/19 16:57:14.093121, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:3312(smbd_smb2_io_handler)
smbd_smb2_request idx[1] of 5 vectors
[2014/03/19 16:57:14.093169, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:640(smb2_validate_sequence_number)
smb2_validate_sequence_number: clearing id 25 (position 25) from bitmap
[2014/03/19 16:57:14.093210, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1923(smbd_smb2_request_dispatch)
smbd_smb2_request_dispatch: opcode[SMB2_OP_CLOSE] mid = 25
[2014/03/19 16:57:14.093242, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/uid.c:384(change_to_user)
Skipping user change - already user
[2014/03/19 16:57:14.093285, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_close.c:185(smbd_smb2_close)
smbd_smb2_close: spoolss - fnum 2290303473
[2014/03/19 16:57:14.093329, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap.c:178(dbwrap_check_lock_order)
check lock order 1 for /var/lib/samba/smbXsrv_open_global.tdb
[2014/03/19 16:57:14.093358, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order)
lock order: 1:/var/lib/samba/smbXsrv_open_global.tdb 2:<none> 3:<none>
[2014/03/19 16:57:14.093400, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key)
Locking key F06DA943
[2014/03/19 16:57:14.093433, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap_tdb.c:143(db_tdb_fetch_locked_internal)
Allocated locked data 0x0x7f5de5876e60
[2014/03/19 16:57:14.093471, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key)
Unlocking key F06DA943
[2014/03/19 16:57:14.093528, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap.c:146(dbwrap_lock_order_state_destructor)
release lock order 1 for /var/lib/samba/smbXsrv_open_global.tdb
[2014/03/19 16:57:14.093582, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order)
lock order: 1:<none> 2:<none> 3:<none>
[2014/03/19 16:57:14.093633, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:418(close_policy_by_pipe)
Deleted handle list for RPC connection spoolss
[2014/03/19 16:57:14.093674, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/files.c:524(file_free)
freed files structure 2290303473 (1 used)
[2014/03/19 16:57:14.093718, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:2548(smbd_smb2_request_done_ex)
smbd_smb2_request_done_ex: idx[1] status[NT_STATUS_OK] body[60] dyn[no:0] at ../source3/smbd/smb2_close.c:139
[2014/03/19 16:57:14.093766, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:893(smb2_set_operation_credit)
smb2_set_operation_credit: requested 1, charge 1, granted 1, current possible/max 482/512, total granted/max/low/range 31/8192/26/31
[2014/03/19 16:57:14.094177, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:3312(smbd_smb2_io_handler)
smbd_smb2_request idx[1] of 5 vectors
[2014/03/19 16:57:14.094216, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:640(smb2_validate_sequence_number)
smb2_validate_sequence_number: clearing id 26 (position 26) from bitmap
[2014/03/19 16:57:14.094258, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1923(smbd_smb2_request_dispatch)
smbd_smb2_request_dispatch: opcode[SMB2_OP_WRITE] mid = 26
[2014/03/19 16:57:14.094298, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/uid.c:384(change_to_user)
Skipping user change - already user
[2014/03/19 16:57:14.094331, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1825(smbd_smb2_request_verify_creditcharge)
mid 26, CreditCharge: 1, NeededCharge: 1
[2014/03/19 16:57:14.094373, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_write.c:271(smbd_smb2_write_send)
smbd_smb2_write: spoolss - fnum 3561012
[2014/03/19 16:57:14.094404, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe_hnd.c:172(np_write_send)
np_write_send: len: 160
smbd_smb2_request_pending_queue: req->current_idx = 1
req->in.vector[0].iov_len = 0
req->in.vector[1].iov_len = 0
req->in.vector[2].iov_len = 64
req->in.vector[3].iov_len = 48
req->in.vector[4].iov_len = 160
req->out.vector[0].iov_len = 4
req->out.vector[1].iov_len = 0
req->out.vector[2].iov_len = 64
req->out.vector[3].iov_len = 8
req->out.vector[4].iov_len = 0
[2014/03/19 16:57:14.094585, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:2548(smbd_smb2_request_done_ex)
smbd_smb2_request_done_ex: idx[1] status[NT_STATUS_OK] body[16] dyn[yes:0] at ../source3/smbd/smb2_write.c:150
[2014/03/19 16:57:14.094620, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:893(smb2_set_operation_credit)
smb2_set_operation_credit: requested 1, charge 1, granted 1, current possible/max 482/512, total granted/max/low/range 31/8192/27/31
[2014/03/19 16:57:14.094789, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/rpc_server/rpc_server.c:441(named_pipe_packet_process)
PDU is in Little Endian format!
[2014/03/19 16:57:14.094949, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1564(process_complete_pdu)
Processing packet type 11
[2014/03/19 16:57:14.094983, 3, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:598(api_pipe_bind_req)
api_pipe_bind_req: spoolss -> spoolss rpc service
[2014/03/19 16:57:14.095095, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:631(api_pipe_bind_req)
api_pipe_bind_req: make response. 631
[2014/03/19 16:57:14.095137, 3, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:343(check_bind_req)
check_bind_req for spoolss
[2014/03/19 16:57:14.095169, 3, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:350(check_bind_req)
check_bind_req: spoolss -> spoolss rpc service
[2014/03/19 16:57:14.095205, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:223(init_pipe_handles)
init_pipe_handle_list: created handle list for pipe spoolss
[2014/03/19 16:57:14.095246, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:240(init_pipe_handles)
init_pipe_handle_list: pipe_handles ref count = 1 for pipe spoolss
[2014/03/19 16:57:14.095286, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:402(ndr_print_debug)
&r: struct ncacn_packet
rpc_vers : 0x05 (5)
rpc_vers_minor : 0x00 (0)
ptype : DCERPC_PKT_BIND_ACK (12)
pfc_flags : 0x03 (3)
1: DCERPC_PFC_FLAG_FIRST
1: DCERPC_PFC_FLAG_LAST
0: DCERPC_PFC_FLAG_PENDING_CANCEL_OR_HDR_SIGNING
0: DCERPC_PFC_FLAG_CONC_MPX
0: DCERPC_PFC_FLAG_DID_NOT_EXECUTE
0: DCERPC_PFC_FLAG_MAYBE
0: DCERPC_PFC_FLAG_OBJECT_UUID
drep: ARRAY(4)
[0] : 0x10 (16)
[1] : 0x00 (0)
[2] : 0x00 (0)
[3] : 0x00 (0)
frag_length : 0x0044 (68)
auth_length : 0x0000 (0)
call_id : 0x00000002 (2)
u : union dcerpc_payload(case 12)
bind_ack: struct dcerpc_bind_ack
max_xmit_frag : 0x10b8 (4280)
max_recv_frag : 0x10b8 (4280)
assoc_group_id : 0x000053f0 (21488)
secondary_address_size : 0x000e (14)
secondary_address : '\PIPE\spoolss'
_pad1 : DATA_BLOB length=0
num_results : 0x01 (1)
ctx_list: ARRAY(1)
ctx_list: struct dcerpc_ack_ctx
result : DCERPC_BIND_ACK_RESULT_ACCEPTANCE (0)
reason : union dcerpc_bind_ack_reason(case 0)
value : DCERPC_BIND_ACK_REASON_NOT_SPECIFIED (0)
syntax: struct ndr_syntax_id
uuid : 8a885d04-1ceb-11c9-9fe8-08002b104860
if_version : 0x00000002 (2)
auth_info : DATA_BLOB length=0
[2014/03/19 16:57:14.095781, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/rpc_server/rpc_server.c:509(named_pipe_packet_process)
Sending 1 fragments in a total of 0 bytes
[2014/03/19 16:57:14.095812, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/rpc_server/rpc_server.c:514(named_pipe_packet_process)
Sending PDU number: 0, PDU Length: 68
[2014/03/19 16:57:14.095885, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:3312(smbd_smb2_io_handler)
smbd_smb2_request idx[1] of 5 vectors
[2014/03/19 16:57:14.095931, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:640(smb2_validate_sequence_number)
smb2_validate_sequence_number: clearing id 27 (position 27) from bitmap
[2014/03/19 16:57:14.095961, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1923(smbd_smb2_request_dispatch)
smbd_smb2_request_dispatch: opcode[SMB2_OP_READ] mid = 27
[2014/03/19 16:57:14.096038, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/uid.c:384(change_to_user)
Skipping user change - already user
[2014/03/19 16:57:14.096085, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1825(smbd_smb2_request_verify_creditcharge)
mid 27, CreditCharge: 1, NeededCharge: 1
[2014/03/19 16:57:14.096123, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_read.c:399(smbd_smb2_read_send)
smbd_smb2_read: spoolss - fnum 3561012
smbd_smb2_request_pending_queue: req->current_idx = 1
req->in.vector[0].iov_len = 0
req->in.vector[1].iov_len = 0
req->in.vector[2].iov_len = 64
req->in.vector[3].iov_len = 48
req->in.vector[4].iov_len = 1
req->out.vector[0].iov_len = 4
req->out.vector[1].iov_len = 0
req->out.vector[2].iov_len = 64
req->out.vector[3].iov_len = 8
req->out.vector[4].iov_len = 0
[2014/03/19 16:57:14.096330, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe_hnd.c:417(np_read_recv)
Received 68 bytes. There is no more data outstanding
[2014/03/19 16:57:14.096365, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:2548(smbd_smb2_request_done_ex)
smbd_smb2_request_done_ex: idx[1] status[NT_STATUS_OK] body[16] dyn[yes:68] at ../source3/smbd/smb2_read.c:154
[2014/03/19 16:57:14.096407, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:893(smb2_set_operation_credit)
smb2_set_operation_credit: requested 1, charge 1, granted 1, current possible/max 482/512, total granted/max/low/range 31/8192/28/31
[2014/03/19 16:57:14.096755, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:3312(smbd_smb2_io_handler)
smbd_smb2_request idx[1] of 5 vectors
[2014/03/19 16:57:14.096794, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:640(smb2_validate_sequence_number)
smb2_validate_sequence_number: clearing id 28 (position 28) from bitmap
[2014/03/19 16:57:14.096836, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1923(smbd_smb2_request_dispatch)
smbd_smb2_request_dispatch: opcode[SMB2_OP_IOCTL] mid = 28
[2014/03/19 16:57:14.096869, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/uid.c:384(change_to_user)
Skipping user change - already user
[2014/03/19 16:57:14.096910, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1825(smbd_smb2_request_verify_creditcharge)
mid 28, CreditCharge: 1, NeededCharge: 1
[2014/03/19 16:57:14.097041, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl.c:394(smbd_smb2_ioctl_send)
smbd_smb2_ioctl: ctl_code[0x0011c017] spoolss, fnum 3561012
[2014/03/19 16:57:14.097080, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl_named_pipe.c:61(smb2_ioctl_named_pipe)
smbd_smb2_ioctl_send: np_write_send of size 194
[2014/03/19 16:57:14.097120, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe_hnd.c:172(np_write_send)
np_write_send: len: 194
smbd_smb2_request_pending_queue: req->current_idx = 1
req->in.vector[0].iov_len = 0
req->in.vector[1].iov_len = 0
req->in.vector[2].iov_len = 64
req->in.vector[3].iov_len = 56
req->in.vector[4].iov_len = 194
req->out.vector[0].iov_len = 4
req->out.vector[1].iov_len = 0
req->out.vector[2].iov_len = 64
req->out.vector[3].iov_len = 8
req->out.vector[4].iov_len = 0
[2014/03/19 16:57:14.097294, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl_named_pipe.c:119(smbd_smb2_ioctl_pipe_write_done)
smbd_smb2_ioctl_pipe_write_done: received 194
[2014/03/19 16:57:14.097328, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl_named_pipe.c:140(smbd_smb2_ioctl_pipe_write_done)
smbd_smb2_ioctl_pipe_write_done: issuing np_read_send of size 1024
[2014/03/19 16:57:14.097412, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/rpc_server/rpc_server.c:441(named_pipe_packet_process)
PDU is in Little Endian format!
[2014/03/19 16:57:14.097451, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1564(process_complete_pdu)
Processing packet type 0
[2014/03/19 16:57:14.097490, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1439(dcesrv_auth_request)
Checking request auth.
[2014/03/19 16:57:14.097523, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/sec_ctx.c:216(push_sec_ctx)
push_sec_ctx(100000500, 100000513) : sec_ctx_stack_ndx = 1
[2014/03/19 16:57:14.097568, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/sec_ctx.c:316(set_sec_ctx)
setting sec ctx (100000500, 100000513) - sec_ctx_stack_ndx = 1
[2014/03/19 16:57:14.097625, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../libcli/security/security_token.c:63(security_token_debug)
Security token SIDs (21):
SID[ 0]: S-1-5-21-2999458101-3634337955-1355572417-500
SID[ 1]: S-1-5-21-2999458101-3634337955-1355572417-513
SID[ 2]: S-1-5-21-2999458101-3634337955-1355572417-520
SID[ 3]: S-1-5-21-2999458101-3634337955-1355572417-512
SID[ 4]: S-1-18-1
SID[ 5]: S-1-1-0
SID[ 6]: S-1-5-2
SID[ 7]: S-1-5-11
SID[ 8]: S-1-5-32-545
SID[ 9]: S-1-5-32-544
SID[ 10]: S-1-22-1-100000500
SID[ 11]: S-1-22-2-100000500
SID[ 12]: S-1-22-2-100000513
SID[ 13]: S-1-22-2-100000520
SID[ 14]: S-1-22-2-100000512
SID[ 15]: S-1-22-2-1000008
SID[ 16]: S-1-22-2-1000002
SID[ 17]: S-1-22-2-1000003
SID[ 18]: S-1-22-2-1000009
SID[ 19]: S-1-22-2-1000001
SID[ 20]: S-1-22-2-1000000
Privileges (0x 1FFFFFF0):
Privilege[ 0]: SeMachineAccountPrivilege
Privilege[ 1]: SeTakeOwnershipPrivilege
Privilege[ 2]: SeBackupPrivilege
Privilege[ 3]: SeRestorePrivilege
Privilege[ 4]: SeRemoteShutdownPrivilege
Privilege[ 5]: SePrintOperatorPrivilege
Privilege[ 6]: SeAddUsersPrivilege
Privilege[ 7]: SeDiskOperatorPrivilege
Privilege[ 8]: SeSecurityPrivilege
Privilege[ 9]: SeSystemtimePrivilege
Privilege[ 10]: SeShutdownPrivilege
Privilege[ 11]: SeDebugPrivilege
Privilege[ 12]: SeSystemEnvironmentPrivilege
Privilege[ 13]: SeSystemProfilePrivilege
Privilege[ 14]: SeProfileSingleProcessPrivilege
Privilege[ 15]: SeIncreaseBasePriorityPrivilege
Privilege[ 16]: SeLoadDriverPrivilege
Privilege[ 17]: SeCreatePagefilePrivilege
Privilege[ 18]: SeIncreaseQuotaPrivilege
Privilege[ 19]: SeChangeNotifyPrivilege
Privilege[ 20]: SeUndockPrivilege
Privilege[ 21]: SeManageVolumePrivilege
Privilege[ 22]: SeImpersonatePrivilege
Privilege[ 23]: SeCreateGlobalPrivilege
Privilege[ 24]: SeEnableDelegationPrivilege
Rights (0x 0):
[2014/03/19 16:57:14.098277, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/auth/token_util.c:528(debug_unix_user_token)
UNIX token of user 100000500
Primary group is 100000513 and contains 10 supplementary groups
Group[ 0]: 100000500
Group[ 1]: 100000513
Group[ 2]: 100000520
Group[ 3]: 100000512
Group[ 4]: 1000008
Group[ 5]: 1000002
Group[ 6]: 1000003
Group[ 7]: 1000009
Group[ 8]: 1000001
Group[ 9]: 1000000
[2014/03/19 16:57:14.098440, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/uid.c:452(smbd_become_authenticated_pipe_user)
Impersonated user: uid=(100000500,100000500), gid=(0,100000513)
[2014/03/19 16:57:14.098472, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1292(api_pipe_request)
Requested spoolss rpc service
[2014/03/19 16:57:14.098514, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1317(api_rpcTNP)
api_rpcTNP: spoolss op 0x45 - api_rpcTNP: rpc command: SPOOLSS_OPENPRINTEREX
[2014/03/19 16:57:14.098576, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1357(api_rpcTNP)
api_rpc_cmds[69].fn == 0x7f5de3038ac3
[2014/03/19 16:57:14.098662, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug)
spoolss_OpenPrinterEx: struct spoolss_OpenPrinterEx
in: struct spoolss_OpenPrinterEx
printername : *
printername : '\\samba'
datatype : NULL
devmode_ctr: struct spoolss_DevmodeContainer
_ndr_size : 0x00000000 (0)
devmode : NULL
access_mask : 0x00020002 (131074)
0: SERVER_ACCESS_ADMINISTER
1: SERVER_ACCESS_ENUMERATE
0: PRINTER_ACCESS_ADMINISTER
0: PRINTER_ACCESS_USE
0: JOB_ACCESS_ADMINISTER
0: JOB_ACCESS_READ
userlevel_ctr: struct spoolss_UserLevelCtr
level : 0x00000001 (1)
user_info : union spoolss_UserLevel(case 1)
level1 : *
level1: struct spoolss_UserLevel1
size : 0x00000028 (40)
client : *
client : 'WIN7CLI'
user : *
user : 'LEVEL1\Administrator'
build : 0x00001db1 (7601)
major : UNKNOWN_ENUM_VALUE (3)
minor : SPOOLSS_MINOR_VERSION_0 (0)
processor : PROCESSOR_ARCHITECTURE_AMD64 (9)
checking name: \\samba
[2014/03/19 16:57:14.099132, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/spoolss/srv_spoolss_nt.c:739(open_printer_hnd)
open_printer_hnd: name [\\samba]
[2014/03/19 16:57:14.099174, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:304(create_rpc_handle_internal)
Opened policy hnd[1] [0000] 00 00 00 00 14 00 00 00 00 00 00 00 29 53 5A BE ........ ....)SZ.
[0010] 88 60 00 00 .`..
[2014/03/19 16:57:14.099236, 3, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/spoolss/srv_spoolss_nt.c:507(set_printer_hnd_printertype)
Setting printer type=\\samba
Printer is a print server
[2014/03/19 16:57:14.099284, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/spoolss/srv_spoolss_nt.c:567(set_printer_hnd_name)
Setting printer name=\\samba (len=7)
[2014/03/19 16:57:14.099315, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/spoolss/srv_spoolss_nt.c:775(open_printer_hnd)
1 printer handles active
[2014/03/19 16:57:14.099354, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal)
Found policy hnd[0] [0000] 00 00 00 00 14 00 00 00 00 00 00 00 29 53 5A BE ........ ....)SZ.
[0010] 88 60 00 00 .`..
[2014/03/19 16:57:14.099415, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/spoolss/srv_spoolss_nt.c:1838(_spoolss_OpenPrinterEx)
Setting print server access = SERVER_ACCESS_ENUMERATE
[2014/03/19 16:57:14.099443, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug)
spoolss_OpenPrinterEx: struct spoolss_OpenPrinterEx
out: struct spoolss_OpenPrinterEx
handle : *
handle: struct policy_handle
handle_type : 0x00000000 (0)
uuid : 00000014-0000-0000-2953-5abe88600000
result : WERR_OK
[2014/03/19 16:57:14.099587, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1384(api_rpcTNP)
api_rpcTNP: called spoolss successfully
[2014/03/19 16:57:14.099626, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/sec_ctx.c:424(pop_sec_ctx)
pop_sec_ctx (100000500, 100000513) - sec_ctx_stack_ndx = 0
[2014/03/19 16:57:14.099672, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:402(ndr_print_debug)
&r: struct ncacn_packet
rpc_vers : 0x05 (5)
rpc_vers_minor : 0x00 (0)
ptype : DCERPC_PKT_RESPONSE (2)
pfc_flags : 0x03 (3)
1: DCERPC_PFC_FLAG_FIRST
1: DCERPC_PFC_FLAG_LAST
0: DCERPC_PFC_FLAG_PENDING_CANCEL_OR_HDR_SIGNING
0: DCERPC_PFC_FLAG_CONC_MPX
0: DCERPC_PFC_FLAG_DID_NOT_EXECUTE
0: DCERPC_PFC_FLAG_MAYBE
0: DCERPC_PFC_FLAG_OBJECT_UUID
drep: ARRAY(4)
[0] : 0x10 (16)
[1] : 0x00 (0)
[2] : 0x00 (0)
[3] : 0x00 (0)
frag_length : 0x0030 (48)
auth_length : 0x0000 (0)
call_id : 0x00000002 (2)
u : union dcerpc_payload(case 2)
response: struct dcerpc_response
alloc_hint : 0x00000018 (24)
context_id : 0x0000 (0)
cancel_count : 0x00 (0)
_pad : DATA_BLOB length=0
stub_and_verifier : DATA_BLOB length=24
[0000] 00 00 00 00 14 00 00 00 00 00 00 00 29 53 5A BE ........ ....)SZ.
[0010] 88 60 00 00 00 00 00 00 .`......
[2014/03/19 16:57:14.100121, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/rpc_server/rpc_server.c:509(named_pipe_packet_process)
Sending 1 fragments in a total of 24 bytes
[2014/03/19 16:57:14.100151, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/rpc_server/rpc_server.c:514(named_pipe_packet_process)
Sending PDU number: 0, PDU Length: 48
[2014/03/19 16:57:14.100211, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1459(smbd_smb2_request_pending_timer)
smbd_smb2_request_pending_queue: opcode[SMB2_OP_IOCTL] mid 28 going async
[2014/03/19 16:57:14.100256, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:893(smb2_set_operation_credit)
smb2_set_operation_credit: requested 1, charge 1, granted 1, current possible/max 482/512, total granted/max/low/range 31/8192/29/31
[2014/03/19 16:57:14.100287, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1554(smbd_smb2_request_pending_timer)
state->vector[0/5].iov_len = 4
state->vector[1/5].iov_len = 0
state->vector[2/5].iov_len = 64
state->vector[3/5].iov_len = 8
state->vector[4/5].iov_len = 1
[2014/03/19 16:57:14.100478, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe_hnd.c:417(np_read_recv)
Received 48 bytes. There is no more data outstanding
[2014/03/19 16:57:14.100533, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl_named_pipe.c:169(smbd_smb2_ioctl_pipe_read_done)
smbd_smb2_ioctl_pipe_read_done: np_read_recv nread = 48 is_data_outstanding = 0, status = NT_STATUS_OK
[2014/03/19 16:57:14.100570, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl.c:291(smbd_smb2_request_ioctl_done)
smbd_smb2_request_ioctl_done: smbd_smb2_ioctl_recv returned 48 status NT_STATUS_OK
[2014/03/19 16:57:14.100611, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:2548(smbd_smb2_request_done_ex)
smbd_smb2_request_done_ex: idx[1] status[NT_STATUS_OK] body[48] dyn[yes:48] at ../source3/smbd/smb2_ioctl.c:358
[2014/03/19 16:57:14.100642, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:893(smb2_set_operation_credit)
smb2_set_operation_credit: requested 1, charge 1, granted 0, current possible/max 481/512, total granted/max/low/range 31/8192/29/31
[2014/03/19 16:57:14.101165, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:3312(smbd_smb2_io_handler)
smbd_smb2_request idx[1] of 5 vectors
[2014/03/19 16:57:14.101214, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:640(smb2_validate_sequence_number)
smb2_validate_sequence_number: clearing id 29 (position 29) from bitmap
[2014/03/19 16:57:14.101246, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1923(smbd_smb2_request_dispatch)
smbd_smb2_request_dispatch: opcode[SMB2_OP_IOCTL] mid = 29
[2014/03/19 16:57:14.101288, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/uid.c:384(change_to_user)
Skipping user change - already user
[2014/03/19 16:57:14.101321, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1825(smbd_smb2_request_verify_creditcharge)
mid 29, CreditCharge: 1, NeededCharge: 1
[2014/03/19 16:57:14.101361, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl.c:394(smbd_smb2_ioctl_send)
smbd_smb2_ioctl: ctl_code[0x0011c017] spoolss, fnum 3561012
[2014/03/19 16:57:14.101407, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl_named_pipe.c:61(smb2_ioctl_named_pipe)
smbd_smb2_ioctl_send: np_write_send of size 80
[2014/03/19 16:57:14.101437, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe_hnd.c:172(np_write_send)
np_write_send: len: 80
smbd_smb2_request_pending_queue: req->current_idx = 1
req->in.vector[0].iov_len = 0
req->in.vector[1].iov_len = 0
req->in.vector[2].iov_len = 64
req->in.vector[3].iov_len = 56
req->in.vector[4].iov_len = 80
req->out.vector[0].iov_len = 4
req->out.vector[1].iov_len = 0
req->out.vector[2].iov_len = 64
req->out.vector[3].iov_len = 8
req->out.vector[4].iov_len = 0
[2014/03/19 16:57:14.101612, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl_named_pipe.c:119(smbd_smb2_ioctl_pipe_write_done)
smbd_smb2_ioctl_pipe_write_done: received 80
[2014/03/19 16:57:14.101656, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl_named_pipe.c:140(smbd_smb2_ioctl_pipe_write_done)
smbd_smb2_ioctl_pipe_write_done: issuing np_read_send of size 1024
[2014/03/19 16:57:14.101729, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/rpc_server/rpc_server.c:441(named_pipe_packet_process)
PDU is in Little Endian format!
[2014/03/19 16:57:14.101774, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1564(process_complete_pdu)
Processing packet type 0
[2014/03/19 16:57:14.101802, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1439(dcesrv_auth_request)
Checking request auth.
[2014/03/19 16:57:14.101846, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/sec_ctx.c:216(push_sec_ctx)
push_sec_ctx(100000500, 100000513) : sec_ctx_stack_ndx = 1
[2014/03/19 16:57:14.101894, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/sec_ctx.c:316(set_sec_ctx)
setting sec ctx (100000500, 100000513) - sec_ctx_stack_ndx = 1
[2014/03/19 16:57:14.101924, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../libcli/security/security_token.c:63(security_token_debug)
Security token SIDs (21):
SID[ 0]: S-1-5-21-2999458101-3634337955-1355572417-500
SID[ 1]: S-1-5-21-2999458101-3634337955-1355572417-513
SID[ 2]: S-1-5-21-2999458101-3634337955-1355572417-520
SID[ 3]: S-1-5-21-2999458101-3634337955-1355572417-512
SID[ 4]: S-1-18-1
SID[ 5]: S-1-1-0
SID[ 6]: S-1-5-2
SID[ 7]: S-1-5-11
SID[ 8]: S-1-5-32-545
SID[ 9]: S-1-5-32-544
SID[ 10]: S-1-22-1-100000500
SID[ 11]: S-1-22-2-100000500
SID[ 12]: S-1-22-2-100000513
SID[ 13]: S-1-22-2-100000520
SID[ 14]: S-1-22-2-100000512
SID[ 15]: S-1-22-2-1000008
SID[ 16]: S-1-22-2-1000002
SID[ 17]: S-1-22-2-1000003
SID[ 18]: S-1-22-2-1000009
SID[ 19]: S-1-22-2-1000001
SID[ 20]: S-1-22-2-1000000
Privileges (0x 1FFFFFF0):
Privilege[ 0]: SeMachineAccountPrivilege
Privilege[ 1]: SeTakeOwnershipPrivilege
Privilege[ 2]: SeBackupPrivilege
Privilege[ 3]: SeRestorePrivilege
Privilege[ 4]: SeRemoteShutdownPrivilege
Privilege[ 5]: SePrintOperatorPrivilege
Privilege[ 6]: SeAddUsersPrivilege
Privilege[ 7]: SeDiskOperatorPrivilege
Privilege[ 8]: SeSecurityPrivilege
Privilege[ 9]: SeSystemtimePrivilege
Privilege[ 10]: SeShutdownPrivilege
Privilege[ 11]: SeDebugPrivilege
Privilege[ 12]: SeSystemEnvironmentPrivilege
Privilege[ 13]: SeSystemProfilePrivilege
Privilege[ 14]: SeProfileSingleProcessPrivilege
Privilege[ 15]: SeIncreaseBasePriorityPrivilege
Privilege[ 16]: SeLoadDriverPrivilege
Privilege[ 17]: SeCreatePagefilePrivilege
Privilege[ 18]: SeIncreaseQuotaPrivilege
Privilege[ 19]: SeChangeNotifyPrivilege
Privilege[ 20]: SeUndockPrivilege
Privilege[ 21]: SeManageVolumePrivilege
Privilege[ 22]: SeImpersonatePrivilege
Privilege[ 23]: SeCreateGlobalPrivilege
Privilege[ 24]: SeEnableDelegationPrivilege
Rights (0x 0):
[2014/03/19 16:57:14.102565, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/auth/token_util.c:528(debug_unix_user_token)
UNIX token of user 100000500
Primary group is 100000513 and contains 10 supplementary groups
Group[ 0]: 100000500
Group[ 1]: 100000513
Group[ 2]: 100000520
Group[ 3]: 100000512
Group[ 4]: 1000008
Group[ 5]: 1000002
Group[ 6]: 1000003
Group[ 7]: 1000009
Group[ 8]: 1000001
Group[ 9]: 1000000
[2014/03/19 16:57:14.102731, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/uid.c:452(smbd_become_authenticated_pipe_user)
Impersonated user: uid=(100000500,100000500), gid=(0,100000513)
[2014/03/19 16:57:14.102763, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1292(api_pipe_request)
Requested spoolss rpc service
[2014/03/19 16:57:14.102805, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1317(api_rpcTNP)
api_rpcTNP: spoolss op 0x1a - api_rpcTNP: rpc command: SPOOLSS_GETPRINTERDATA
[2014/03/19 16:57:14.102837, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1357(api_rpcTNP)
api_rpc_cmds[26].fn == 0x7f5de30310d9
[2014/03/19 16:57:14.102870, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug)
spoolss_GetPrinterData: struct spoolss_GetPrinterData
in: struct spoolss_GetPrinterData
handle : *
handle: struct policy_handle
handle_type : 0x00000000 (0)
uuid : 00000014-0000-0000-2953-5abe88600000
value_name : 'OSVersion'
offered : 0x00000114 (276)
[2014/03/19 16:57:14.103076, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal)
Found policy hnd[0] [0000] 00 00 00 00 14 00 00 00 00 00 00 00 29 53 5A BE ........ ....)SZ.
[0010] 88 60 00 00 .`..
[2014/03/19 16:57:14.103147, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/spoolss/srv_spoolss_nt.c:9502(_spoolss_GetPrinterDataEx)
_spoolss_GetPrinterDataEx
[2014/03/19 16:57:14.103176, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/spoolss/srv_spoolss_nt.c:9505(_spoolss_GetPrinterDataEx)
_spoolss_GetPrinterDataEx: key => [PrinterDriverData], value => [OSVersion]
[2014/03/19 16:57:14.103215, 8, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/spoolss/srv_spoolss_nt.c:2282(getprinterdata_printer_server)
getprinterdata_printer_server:OSVersion
[2014/03/19 16:57:14.103284, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:402(ndr_print_debug)
&os: struct spoolss_OSVersion
_ndr_size : 0xa0151bf0 (2685737968)
major : 0x00000005 (5)
minor : 0x00000000 (0)
build : 0x00000893 (2195)
platform_id : 0xa0152c40 (2685742144)
extra_string : ''
[2014/03/19 16:57:14.103421, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug)
spoolss_GetPrinterData: struct spoolss_GetPrinterData
out: struct spoolss_GetPrinterData
type : *
type : REG_BINARY (3)
data : *
data: ARRAY(276)
[0] : 0x14 (20)
[1] : 0x01 (1)
[2] : 0x00 (0)
[3] : 0x00 (0)
[4] : 0x05 (5)
[5] : 0x00 (0)
[6] : 0x00 (0)
[7] : 0x00 (0)
[8] : 0x00 (0)
[9] : 0x00 (0)
[10] : 0x00 (0)
[11] : 0x00 (0)
[12] : 0x93 (147)
[13] : 0x08 (8)
[14] : 0x00 (0)
[15] : 0x00 (0)
[16] : 0x02 (2)
[17] : 0x00 (0)
[18] : 0x00 (0)
[19] : 0x00 (0)
[20] : 0x00 (0)
[21] : 0x00 (0)
[22] : 0x00 (0)
[23] : 0x00 (0)
[24] : 0x00 (0)
[25] : 0x00 (0)
[26] : 0x00 (0)
[27] : 0x00 (0)
[28] : 0x00 (0)
[29] : 0x00 (0)
[30] : 0x00 (0)
[31] : 0x00 (0)
[32] : 0x00 (0)
[33] : 0x00 (0)
[34] : 0x00 (0)
[35] : 0x00 (0)
[36] : 0x00 (0)
[37] : 0x00 (0)
[38] : 0x00 (0)
[39] : 0x00 (0)
[40] : 0x00 (0)
[41] : 0x00 (0)
[42] : 0x00 (0)
[43] : 0x00 (0)
[44] : 0x00 (0)
[45] : 0x00 (0)
[46] : 0x00 (0)
[47] : 0x00 (0)
[48] : 0x00 (0)
[49] : 0x00 (0)
[50] : 0x00 (0)
[51] : 0x00 (0)
[52] : 0x00 (0)
[53] : 0x00 (0)
[54] : 0x00 (0)
[55] : 0x00 (0)
[56] : 0x00 (0)
[57] : 0x00 (0)
[58] : 0x00 (0)
[59] : 0x00 (0)
[60] : 0x00 (0)
[61] : 0x00 (0)
[62] : 0x00 (0)
[63] : 0x00 (0)
[64] : 0x00 (0)
[65] : 0x00 (0)
[66] : 0x00 (0)
[67] : 0x00 (0)
[68] : 0x00 (0)
[69] : 0x00 (0)
[70] : 0x00 (0)
[71] : 0x00 (0)
[72] : 0x00 (0)
[73] : 0x00 (0)
[74] : 0x00 (0)
[75] : 0x00 (0)
[76] : 0x00 (0)
[77] : 0x00 (0)
[78] : 0x00 (0)
[79] : 0x00 (0)
[80] : 0x00 (0)
[81] : 0x00 (0)
[82] : 0x00 (0)
[83] : 0x00 (0)
[84] : 0x00 (0)
[85] : 0x00 (0)
[86] : 0x00 (0)
[87] : 0x00 (0)
[88] : 0x00 (0)
[89] : 0x00 (0)
[90] : 0x00 (0)
[91] : 0x00 (0)
[92] : 0x00 (0)
[93] : 0x00 (0)
[94] : 0x00 (0)
[95] : 0x00 (0)
[96] : 0x00 (0)
[97] : 0x00 (0)
[98] : 0x00 (0)
[99] : 0x00 (0)
[100] : 0x00 (0)
[101] : 0x00 (0)
[102] : 0x00 (0)
[103] : 0x00 (0)
[104] : 0x00 (0)
[105] : 0x00 (0)
[106] : 0x00 (0)
[107] : 0x00 (0)
[108] : 0x00 (0)
[109] : 0x00 (0)
[110] : 0x00 (0)
[111] : 0x00 (0)
[112] : 0x00 (0)
[113] : 0x00 (0)
[114] : 0x00 (0)
[115] : 0x00 (0)
[116] : 0x00 (0)
[117] : 0x00 (0)
[118] : 0x00 (0)
[119] : 0x00 (0)
[120] : 0x00 (0)
[121] : 0x00 (0)
[122] : 0x00 (0)
[123] : 0x00 (0)
[124] : 0x00 (0)
[125] : 0x00 (0)
[126] : 0x00 (0)
[127] : 0x00 (0)
[128] : 0x00 (0)
[129] : 0x00 (0)
[130] : 0x00 (0)
[131] : 0x00 (0)
[132] : 0x00 (0)
[133] : 0x00 (0)
[134] : 0x00 (0)
[135] : 0x00 (0)
[136] : 0x00 (0)
[137] : 0x00 (0)
[138] : 0x00 (0)
[139] : 0x00 (0)
[140] : 0x00 (0)
[141] : 0x00 (0)
[142] : 0x00 (0)
[143] : 0x00 (0)
[144] : 0x00 (0)
[145] : 0x00 (0)
[146] : 0x00 (0)
[147] : 0x00 (0)
[148] : 0x00 (0)
[149] : 0x00 (0)
[150] : 0x00 (0)
[151] : 0x00 (0)
[152] : 0x00 (0)
[153] : 0x00 (0)
[154] : 0x00 (0)
[155] : 0x00 (0)
[156] : 0x00 (0)
[157] : 0x00 (0)
[158] : 0x00 (0)
[159] : 0x00 (0)
[160] : 0x00 (0)
[161] : 0x00 (0)
[162] : 0x00 (0)
[163] : 0x00 (0)
[164] : 0x00 (0)
[165] : 0x00 (0)
[166] : 0x00 (0)
[167] : 0x00 (0)
[168] : 0x00 (0)
[169] : 0x00 (0)
[170] : 0x00 (0)
[171] : 0x00 (0)
[172] : 0x00 (0)
[173] : 0x00 (0)
[174] : 0x00 (0)
[175] : 0x00 (0)
[176] : 0x00 (0)
[177] : 0x00 (0)
[178] : 0x00 (0)
[179] : 0x00 (0)
[180] : 0x00 (0)
[181] : 0x00 (0)
[182] : 0x00 (0)
[183] : 0x00 (0)
[184] : 0x00 (0)
[185] : 0x00 (0)
[186] : 0x00 (0)
[187] : 0x00 (0)
[188] : 0x00 (0)
[189] : 0x00 (0)
[190] : 0x00 (0)
[191] : 0x00 (0)
[192] : 0x00 (0)
[193] : 0x00 (0)
[194] : 0x00 (0)
[195] : 0x00 (0)
[196] : 0x00 (0)
[197] : 0x00 (0)
[198] : 0x00 (0)
[199] : 0x00 (0)
[200] : 0x00 (0)
[201] : 0x00 (0)
[202] : 0x00 (0)
[203] : 0x00 (0)
[204] : 0x00 (0)
[205] : 0x00 (0)
[206] : 0x00 (0)
[207] : 0x00 (0)
[208] : 0x00 (0)
[209] : 0x00 (0)
[210] : 0x00 (0)
[211] : 0x00 (0)
[212] : 0x00 (0)
[213] : 0x00 (0)
[214] : 0x00 (0)
[215] : 0x00 (0)
[216] : 0x00 (0)
[217] : 0x00 (0)
[218] : 0x00 (0)
[219] : 0x00 (0)
[220] : 0x00 (0)
[221] : 0x00 (0)
[222] : 0x00 (0)
[223] : 0x00 (0)
[224] : 0x00 (0)
[225] : 0x00 (0)
[226] : 0x00 (0)
[227] : 0x00 (0)
[228] : 0x00 (0)
[229] : 0x00 (0)
[230] : 0x00 (0)
[231] : 0x00 (0)
[232] : 0x00 (0)
[233] : 0x00 (0)
[234] : 0x00 (0)
[235] : 0x00 (0)
[236] : 0x00 (0)
[237] : 0x00 (0)
[238] : 0x00 (0)
[239] : 0x00 (0)
[240] : 0x00 (0)
[241] : 0x00 (0)
[242] : 0x00 (0)
[243] : 0x00 (0)
[244] : 0x00 (0)
[245] : 0x00 (0)
[246] : 0x00 (0)
[247] : 0x00 (0)
[248] : 0x00 (0)
[249] : 0x00 (0)
[250] : 0x00 (0)
[251] : 0x00 (0)
[252] : 0x00 (0)
[253] : 0x00 (0)
[254] : 0x00 (0)
[255] : 0x00 (0)
[256] : 0x00 (0)
[257] : 0x00 (0)
[258] : 0x00 (0)
[259] : 0x00 (0)
[260] : 0x00 (0)
[261] : 0x00 (0)
[262] : 0x00 (0)
[263] : 0x00 (0)
[264] : 0x00 (0)
[265] : 0x00 (0)
[266] : 0x00 (0)
[267] : 0x00 (0)
[268] : 0x00 (0)
[269] : 0x00 (0)
[270] : 0x00 (0)
[271] : 0x00 (0)
[272] : 0x00 (0)
[273] : 0x00 (0)
[274] : 0x00 (0)
[275] : 0x00 (0)
needed : *
needed : 0x00000114 (276)
result : WERR_OK
[2014/03/19 16:57:14.107213, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1384(api_rpcTNP)
api_rpcTNP: called spoolss successfully
[2014/03/19 16:57:14.107255, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/sec_ctx.c:424(pop_sec_ctx)
pop_sec_ctx (100000500, 100000513) - sec_ctx_stack_ndx = 0
[2014/03/19 16:57:14.107315, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:402(ndr_print_debug)
&r: struct ncacn_packet
rpc_vers : 0x05 (5)
rpc_vers_minor : 0x00 (0)
ptype : DCERPC_PKT_RESPONSE (2)
pfc_flags : 0x03 (3)
1: DCERPC_PFC_FLAG_FIRST
1: DCERPC_PFC_FLAG_LAST
0: DCERPC_PFC_FLAG_PENDING_CANCEL_OR_HDR_SIGNING
0: DCERPC_PFC_FLAG_CONC_MPX
0: DCERPC_PFC_FLAG_DID_NOT_EXECUTE
0: DCERPC_PFC_FLAG_MAYBE
0: DCERPC_PFC_FLAG_OBJECT_UUID
drep: ARRAY(4)
[0] : 0x10 (16)
[1] : 0x00 (0)
[2] : 0x00 (0)
[3] : 0x00 (0)
frag_length : 0x013c (316)
auth_length : 0x0000 (0)
call_id : 0x00000003 (3)
u : union dcerpc_payload(case 2)
response: struct dcerpc_response
alloc_hint : 0x00000124 (292)
context_id : 0x0000 (0)
cancel_count : 0x00 (0)
_pad : DATA_BLOB length=0
stub_and_verifier : DATA_BLOB length=292
[0000] 03 00 00 00 14 01 00 00 14 01 00 00 05 00 00 00 ........ ........
[0010] 00 00 00 00 93 08 00 00 02 00 00 00 00 00 00 00 ........ ........
[0020] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0030] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0040] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0050] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0060] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0070] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0080] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0090] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[00A0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[00B0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[00C0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[00D0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[00E0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[00F0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0100] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0110] 00 00 00 00 00 00 00 00 00 00 00 00 14 01 00 00 ........ ........
[0120] 00 00 00 00 ....
[2014/03/19 16:57:14.108162, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/rpc_server/rpc_server.c:509(named_pipe_packet_process)
Sending 1 fragments in a total of 292 bytes
[2014/03/19 16:57:14.108203, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/rpc_server/rpc_server.c:514(named_pipe_packet_process)
Sending PDU number: 0, PDU Length: 316
[2014/03/19 16:57:14.108261, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1459(smbd_smb2_request_pending_timer)
smbd_smb2_request_pending_queue: opcode[SMB2_OP_IOCTL] mid 29 going async
[2014/03/19 16:57:14.108320, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:893(smb2_set_operation_credit)
smb2_set_operation_credit: requested 1, charge 1, granted 1, current possible/max 482/512, total granted/max/low/range 31/8192/30/31
[2014/03/19 16:57:14.108352, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1554(smbd_smb2_request_pending_timer)
state->vector[0/5].iov_len = 4
state->vector[1/5].iov_len = 0
state->vector[2/5].iov_len = 64
state->vector[3/5].iov_len = 8
state->vector[4/5].iov_len = 1
[2014/03/19 16:57:14.108531, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe_hnd.c:417(np_read_recv)
Received 316 bytes. There is no more data outstanding
[2014/03/19 16:57:14.108575, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl_named_pipe.c:169(smbd_smb2_ioctl_pipe_read_done)
smbd_smb2_ioctl_pipe_read_done: np_read_recv nread = 316 is_data_outstanding = 0, status = NT_STATUS_OK
[2014/03/19 16:57:14.108617, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl.c:291(smbd_smb2_request_ioctl_done)
smbd_smb2_request_ioctl_done: smbd_smb2_ioctl_recv returned 316 status NT_STATUS_OK
[2014/03/19 16:57:14.108647, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:2548(smbd_smb2_request_done_ex)
smbd_smb2_request_done_ex: idx[1] status[NT_STATUS_OK] body[48] dyn[yes:316] at ../source3/smbd/smb2_ioctl.c:358
[2014/03/19 16:57:14.108687, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:893(smb2_set_operation_credit)
smb2_set_operation_credit: requested 1, charge 1, granted 0, current possible/max 481/512, total granted/max/low/range 31/8192/30/31
[2014/03/19 16:57:14.109148, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:3312(smbd_smb2_io_handler)
smbd_smb2_request idx[1] of 5 vectors
[2014/03/19 16:57:14.109186, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:640(smb2_validate_sequence_number)
smb2_validate_sequence_number: clearing id 30 (position 30) from bitmap
[2014/03/19 16:57:14.109232, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1923(smbd_smb2_request_dispatch)
smbd_smb2_request_dispatch: opcode[SMB2_OP_IOCTL] mid = 30
[2014/03/19 16:57:14.109280, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/uid.c:384(change_to_user)
Skipping user change - already user
[2014/03/19 16:57:14.109312, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1825(smbd_smb2_request_verify_creditcharge)
mid 30, CreditCharge: 1, NeededCharge: 1
[2014/03/19 16:57:14.109353, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl.c:394(smbd_smb2_ioctl_send)
smbd_smb2_ioctl: ctl_code[0x0011c017] spoolss, fnum 3561012
[2014/03/19 16:57:14.109394, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl_named_pipe.c:61(smb2_ioctl_named_pipe)
smbd_smb2_ioctl_send: np_write_send of size 44
[2014/03/19 16:57:14.109423, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe_hnd.c:172(np_write_send)
np_write_send: len: 44
smbd_smb2_request_pending_queue: req->current_idx = 1
req->in.vector[0].iov_len = 0
req->in.vector[1].iov_len = 0
req->in.vector[2].iov_len = 64
req->in.vector[3].iov_len = 56
req->in.vector[4].iov_len = 44
req->out.vector[0].iov_len = 4
req->out.vector[1].iov_len = 0
req->out.vector[2].iov_len = 64
req->out.vector[3].iov_len = 8
req->out.vector[4].iov_len = 0
[2014/03/19 16:57:14.109667, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl_named_pipe.c:119(smbd_smb2_ioctl_pipe_write_done)
smbd_smb2_ioctl_pipe_write_done: received 44
[2014/03/19 16:57:14.109712, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl_named_pipe.c:140(smbd_smb2_ioctl_pipe_write_done)
smbd_smb2_ioctl_pipe_write_done: issuing np_read_send of size 1024
[2014/03/19 16:57:14.109816, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/rpc_server/rpc_server.c:441(named_pipe_packet_process)
PDU is in Little Endian format!
[2014/03/19 16:57:14.109849, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1564(process_complete_pdu)
Processing packet type 0
[2014/03/19 16:57:14.109887, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1439(dcesrv_auth_request)
Checking request auth.
[2014/03/19 16:57:14.109918, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/sec_ctx.c:216(push_sec_ctx)
push_sec_ctx(100000500, 100000513) : sec_ctx_stack_ndx = 1
[2014/03/19 16:57:14.109959, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/sec_ctx.c:316(set_sec_ctx)
setting sec ctx (100000500, 100000513) - sec_ctx_stack_ndx = 1
[2014/03/19 16:57:14.109989, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../libcli/security/security_token.c:63(security_token_debug)
Security token SIDs (21):
SID[ 0]: S-1-5-21-2999458101-3634337955-1355572417-500
SID[ 1]: S-1-5-21-2999458101-3634337955-1355572417-513
SID[ 2]: S-1-5-21-2999458101-3634337955-1355572417-520
SID[ 3]: S-1-5-21-2999458101-3634337955-1355572417-512
SID[ 4]: S-1-18-1
SID[ 5]: S-1-1-0
SID[ 6]: S-1-5-2
SID[ 7]: S-1-5-11
SID[ 8]: S-1-5-32-545
SID[ 9]: S-1-5-32-544
SID[ 10]: S-1-22-1-100000500
SID[ 11]: S-1-22-2-100000500
SID[ 12]: S-1-22-2-100000513
SID[ 13]: S-1-22-2-100000520
SID[ 14]: S-1-22-2-100000512
SID[ 15]: S-1-22-2-1000008
SID[ 16]: S-1-22-2-1000002
SID[ 17]: S-1-22-2-1000003
SID[ 18]: S-1-22-2-1000009
SID[ 19]: S-1-22-2-1000001
SID[ 20]: S-1-22-2-1000000
Privileges (0x 1FFFFFF0):
Privilege[ 0]: SeMachineAccountPrivilege
Privilege[ 1]: SeTakeOwnershipPrivilege
Privilege[ 2]: SeBackupPrivilege
Privilege[ 3]: SeRestorePrivilege
Privilege[ 4]: SeRemoteShutdownPrivilege
Privilege[ 5]: SePrintOperatorPrivilege
Privilege[ 6]: SeAddUsersPrivilege
Privilege[ 7]: SeDiskOperatorPrivilege
Privilege[ 8]: SeSecurityPrivilege
Privilege[ 9]: SeSystemtimePrivilege
Privilege[ 10]: SeShutdownPrivilege
Privilege[ 11]: SeDebugPrivilege
Privilege[ 12]: SeSystemEnvironmentPrivilege
Privilege[ 13]: SeSystemProfilePrivilege
Privilege[ 14]: SeProfileSingleProcessPrivilege
Privilege[ 15]: SeIncreaseBasePriorityPrivilege
Privilege[ 16]: SeLoadDriverPrivilege
Privilege[ 17]: SeCreatePagefilePrivilege
Privilege[ 18]: SeIncreaseQuotaPrivilege
Privilege[ 19]: SeChangeNotifyPrivilege
Privilege[ 20]: SeUndockPrivilege
Privilege[ 21]: SeManageVolumePrivilege
Privilege[ 22]: SeImpersonatePrivilege
Privilege[ 23]: SeCreateGlobalPrivilege
Privilege[ 24]: SeEnableDelegationPrivilege
Rights (0x 0):
[2014/03/19 16:57:14.111419, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/auth/token_util.c:528(debug_unix_user_token)
UNIX token of user 100000500
Primary group is 100000513 and contains 10 supplementary groups
Group[ 0]: 100000500
Group[ 1]: 100000513
Group[ 2]: 100000520
Group[ 3]: 100000512
Group[ 4]: 1000008
Group[ 5]: 1000002
Group[ 6]: 1000003
Group[ 7]: 1000009
Group[ 8]: 1000001
Group[ 9]: 1000000
[2014/03/19 16:57:14.111600, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/uid.c:452(smbd_become_authenticated_pipe_user)
Impersonated user: uid=(100000500,100000500), gid=(0,100000513)
[2014/03/19 16:57:14.111645, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1292(api_pipe_request)
Requested spoolss rpc service
[2014/03/19 16:57:14.111675, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1317(api_rpcTNP)
api_rpcTNP: spoolss op 0x1d - api_rpcTNP: rpc command: SPOOLSS_CLOSEPRINTER
[2014/03/19 16:57:14.111714, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1357(api_rpcTNP)
api_rpc_cmds[29].fn == 0x7f5de30319b4
[2014/03/19 16:57:14.111743, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug)
spoolss_ClosePrinter: struct spoolss_ClosePrinter
in: struct spoolss_ClosePrinter
handle : *
handle: struct policy_handle
handle_type : 0x00000000 (0)
uuid : 00000014-0000-0000-2953-5abe88600000
[2014/03/19 16:57:14.111856, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal)
Found policy hnd[0] [0000] 00 00 00 00 14 00 00 00 00 00 00 00 29 53 5A BE ........ ....)SZ.
[0010] 88 60 00 00 .`..
[2014/03/19 16:57:14.111916, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal)
Found policy hnd[0] [0000] 00 00 00 00 14 00 00 00 00 00 00 00 29 53 5A BE ........ ....)SZ.
[0010] 88 60 00 00 .`..
[2014/03/19 16:57:14.111974, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal)
Found policy hnd[0] [0000] 00 00 00 00 14 00 00 00 00 00 00 00 29 53 5A BE ........ ....)SZ.
[0010] 88 60 00 00 .`..
[2014/03/19 16:57:14.112118, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:388(close_policy_hnd)
Closed policy
[2014/03/19 16:57:14.112148, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug)
spoolss_ClosePrinter: struct spoolss_ClosePrinter
out: struct spoolss_ClosePrinter
handle : *
handle: struct policy_handle
handle_type : 0x00000000 (0)
uuid : 00000000-0000-0000-0000-000000000000
result : WERR_OK
[2014/03/19 16:57:14.112259, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1384(api_rpcTNP)
api_rpcTNP: called spoolss successfully
[2014/03/19 16:57:14.112295, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/sec_ctx.c:424(pop_sec_ctx)
pop_sec_ctx (100000500, 100000513) - sec_ctx_stack_ndx = 0
[2014/03/19 16:57:14.112340, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:402(ndr_print_debug)
&r: struct ncacn_packet
rpc_vers : 0x05 (5)
rpc_vers_minor : 0x00 (0)
ptype : DCERPC_PKT_RESPONSE (2)
pfc_flags : 0x03 (3)
1: DCERPC_PFC_FLAG_FIRST
1: DCERPC_PFC_FLAG_LAST
0: DCERPC_PFC_FLAG_PENDING_CANCEL_OR_HDR_SIGNING
0: DCERPC_PFC_FLAG_CONC_MPX
0: DCERPC_PFC_FLAG_DID_NOT_EXECUTE
0: DCERPC_PFC_FLAG_MAYBE
0: DCERPC_PFC_FLAG_OBJECT_UUID
drep: ARRAY(4)
[0] : 0x10 (16)
[1] : 0x00 (0)
[2] : 0x00 (0)
[3] : 0x00 (0)
frag_length : 0x0030 (48)
auth_length : 0x0000 (0)
call_id : 0x00000004 (4)
u : union dcerpc_payload(case 2)
response: struct dcerpc_response
alloc_hint : 0x00000018 (24)
context_id : 0x0000 (0)
cancel_count : 0x00 (0)
_pad : DATA_BLOB length=0
stub_and_verifier : DATA_BLOB length=24
[0000] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0010] 00 00 00 00 00 00 00 00 ........
[2014/03/19 16:57:14.112709, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/rpc_server/rpc_server.c:509(named_pipe_packet_process)
Sending 1 fragments in a total of 24 bytes
[2014/03/19 16:57:14.112748, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/rpc_server/rpc_server.c:514(named_pipe_packet_process)
Sending PDU number: 0, PDU Length: 48
[2014/03/19 16:57:14.112795, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1459(smbd_smb2_request_pending_timer)
smbd_smb2_request_pending_queue: opcode[SMB2_OP_IOCTL] mid 30 going async
[2014/03/19 16:57:14.112828, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:893(smb2_set_operation_credit)
smb2_set_operation_credit: requested 1, charge 1, granted 1, current possible/max 482/512, total granted/max/low/range 31/8192/31/31
[2014/03/19 16:57:14.112867, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1554(smbd_smb2_request_pending_timer)
state->vector[0/5].iov_len = 4
state->vector[1/5].iov_len = 0
state->vector[2/5].iov_len = 64
state->vector[3/5].iov_len = 8
state->vector[4/5].iov_len = 1
[2014/03/19 16:57:14.113099, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe_hnd.c:417(np_read_recv)
Received 48 bytes. There is no more data outstanding
[2014/03/19 16:57:14.113135, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl_named_pipe.c:169(smbd_smb2_ioctl_pipe_read_done)
smbd_smb2_ioctl_pipe_read_done: np_read_recv nread = 48 is_data_outstanding = 0, status = NT_STATUS_OK
[2014/03/19 16:57:14.113175, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl.c:291(smbd_smb2_request_ioctl_done)
smbd_smb2_request_ioctl_done: smbd_smb2_ioctl_recv returned 48 status NT_STATUS_OK
[2014/03/19 16:57:14.113204, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:2548(smbd_smb2_request_done_ex)
smbd_smb2_request_done_ex: idx[1] status[NT_STATUS_OK] body[48] dyn[yes:48] at ../source3/smbd/smb2_ioctl.c:358
[2014/03/19 16:57:14.113256, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:893(smb2_set_operation_credit)
smb2_set_operation_credit: requested 1, charge 1, granted 0, current possible/max 481/512, total granted/max/low/range 31/8192/31/31
[2014/03/19 16:57:14.113437, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:3312(smbd_smb2_io_handler)
smbd_smb2_request idx[1] of 5 vectors
[2014/03/19 16:57:14.113483, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:640(smb2_validate_sequence_number)
smb2_validate_sequence_number: clearing id 31 (position 31) from bitmap
[2014/03/19 16:57:14.113521, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1923(smbd_smb2_request_dispatch)
smbd_smb2_request_dispatch: opcode[SMB2_OP_CREATE] mid = 31
[2014/03/19 16:57:14.113554, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/uid.c:384(change_to_user)
Skipping user change - already user
[2014/03/19 16:57:14.113598, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_create.c:447(smbd_smb2_create_send)
smbd_smb2_create: name[spoolss]
[2014/03/19 16:57:14.113644, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap.c:178(dbwrap_check_lock_order)
check lock order 1 for /var/lib/samba/smbXsrv_open_global.tdb
[2014/03/19 16:57:14.113675, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order)
lock order: 1:/var/lib/samba/smbXsrv_open_global.tdb 2:<none> 3:<none>
[2014/03/19 16:57:14.113717, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key)
Locking key 974342A8
[2014/03/19 16:57:14.113750, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap_tdb.c:143(db_tdb_fetch_locked_internal)
Allocated locked data 0x0x7f5de58751f0
[2014/03/19 16:57:14.113806, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smbXsrv_open.c:698(smbXsrv_open_global_store)
smbXsrv_open_global_store: key '974342A8' stored
[2014/03/19 16:57:14.113851, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:402(ndr_print_debug)
&global_blob: struct smbXsrv_open_globalB
version : SMBXSRV_VERSION_0 (0)
seqnum : 0x00000001 (1)
info : union smbXsrv_open_globalU(case 0)
info0 : *
info0: struct smbXsrv_open_global0
db_rec : *
server_id: struct server_id
pid : 0x0000000000006088 (24712)
task_id : 0x00000000 (0)
vnn : 0xffffffff (4294967295)
unique_id : 0xbaf687627b33e8dd (-4974639881340589859)
open_global_id : 0x974342a8 (2537767592)
open_persistent_id : 0x00000000974342a8 (2537767592)
open_volatile_id : 0x000000002b3019d1 (724572625)
open_owner : S-1-5-21-2999458101-3634337955-1355572417-500
open_time : Wed Mar 19 04:57:14 PM 2014 CET
create_guid : 00000000-0000-0000-0000-000000000000
client_guid : fb516d75-adcf-11e3-a4ab-0800274a4c7e
app_instance_id : 00000000-0000-0000-0000-000000000000
disconnect_time : NTTIME(0)
durable_timeout_msec : 0x00000000 (0)
durable : 0x00 (0)
backend_cookie : DATA_BLOB length=0
[2014/03/19 16:57:14.114251, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key)
Unlocking key 974342A8
[2014/03/19 16:57:14.114283, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap.c:146(dbwrap_lock_order_state_destructor)
release lock order 1 for /var/lib/samba/smbXsrv_open_global.tdb
[2014/03/19 16:57:14.114322, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order)
lock order: 1:<none> 2:<none> 3:<none>
[2014/03/19 16:57:14.114360, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smbXsrv_open.c:871(smbXsrv_open_create)
smbXsrv_open_create: global_id (0x974342a8) stored
[2014/03/19 16:57:14.114388, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:402(ndr_print_debug)
&open_blob: struct smbXsrv_openB
version : SMBXSRV_VERSION_0 (0)
reserved : 0x00000000 (0)
info : union smbXsrv_openU(case 0)
info0 : *
info0: struct smbXsrv_open
table : *
db_rec : NULL
local_id : 0x2b3019d1 (724572625)
global : *
global: struct smbXsrv_open_global0
db_rec : NULL
server_id: struct server_id
pid : 0x0000000000006088 (24712)
task_id : 0x00000000 (0)
vnn : 0xffffffff (4294967295)
unique_id : 0xbaf687627b33e8dd (-4974639881340589859)
open_global_id : 0x974342a8 (2537767592)
open_persistent_id : 0x00000000974342a8 (2537767592)
open_volatile_id : 0x000000002b3019d1 (724572625)
open_owner : S-1-5-21-2999458101-3634337955-1355572417-500
open_time : Wed Mar 19 04:57:14 PM 2014 CET
create_guid : 00000000-0000-0000-0000-000000000000
client_guid : fb516d75-adcf-11e3-a4ab-0800274a4c7e
app_instance_id : 00000000-0000-0000-0000-000000000000
disconnect_time : NTTIME(0)
durable_timeout_msec : 0x00000000 (0)
durable : 0x00 (0)
backend_cookie : DATA_BLOB length=0
status : NT_STATUS_OK
idle_time : Wed Mar 19 04:57:14 PM 2014 CET
compat : NULL
[2014/03/19 16:57:14.114820, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/files.c:125(file_new)
allocated file structure fnum 724572625 (2 used)
[2014/03/19 16:57:14.114869, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/files.c:752(file_name_hash)
file_name_hash: /tmp/spoolss hash 0x7d4e46e5
[2014/03/19 16:57:14.114913, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_ncacn_np.c:89(make_internal_rpc_pipe_socketpair)
Create of internal pipe spoolss requested
[2014/03/19 16:57:14.115024, 8, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/dosmode.c:698(dos_mode)
dos_mode: spoolss
[2014/03/19 16:57:14.115972, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_create.c:1090(smbd_smb2_create_send)
smbd_smb2_create_send: spoolss - fnum 724572625
[2014/03/19 16:57:14.116067, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:2548(smbd_smb2_request_done_ex)
smbd_smb2_request_done_ex: idx[1] status[NT_STATUS_OK] body[88] dyn[yes:0] at ../source3/smbd/smb2_create.c:364
[2014/03/19 16:57:14.116105, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:893(smb2_set_operation_credit)
smb2_set_operation_credit: requested 1, charge 1, granted 1, current possible/max 482/512, total granted/max/low/range 31/8192/32/31
[2014/03/19 16:57:14.116425, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:3312(smbd_smb2_io_handler)
smbd_smb2_request idx[1] of 5 vectors
[2014/03/19 16:57:14.116460, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:640(smb2_validate_sequence_number)
smb2_validate_sequence_number: clearing id 32 (position 32) from bitmap
[2014/03/19 16:57:14.116499, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1923(smbd_smb2_request_dispatch)
smbd_smb2_request_dispatch: opcode[SMB2_OP_CLOSE] mid = 32
[2014/03/19 16:57:14.116538, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/uid.c:384(change_to_user)
Skipping user change - already user
[2014/03/19 16:57:14.116570, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_close.c:185(smbd_smb2_close)
smbd_smb2_close: spoolss - fnum 3561012
[2014/03/19 16:57:14.116612, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap.c:178(dbwrap_check_lock_order)
check lock order 1 for /var/lib/samba/smbXsrv_open_global.tdb
[2014/03/19 16:57:14.116649, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order)
lock order: 1:/var/lib/samba/smbXsrv_open_global.tdb 2:<none> 3:<none>
[2014/03/19 16:57:14.116679, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key)
Locking key 5AE05CE9
[2014/03/19 16:57:14.116719, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap_tdb.c:143(db_tdb_fetch_locked_internal)
Allocated locked data 0x0x7f5de586e050
[2014/03/19 16:57:14.116758, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key)
Unlocking key 5AE05CE9
[2014/03/19 16:57:14.116791, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap.c:146(dbwrap_lock_order_state_destructor)
release lock order 1 for /var/lib/samba/smbXsrv_open_global.tdb
[2014/03/19 16:57:14.116827, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order)
lock order: 1:<none> 2:<none> 3:<none>
[2014/03/19 16:57:14.116882, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:418(close_policy_by_pipe)
Deleted handle list for RPC connection spoolss
[2014/03/19 16:57:14.116926, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/files.c:524(file_free)
freed files structure 3561012 (1 used)
[2014/03/19 16:57:14.117045, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:2548(smbd_smb2_request_done_ex)
smbd_smb2_request_done_ex: idx[1] status[NT_STATUS_OK] body[60] dyn[no:0] at ../source3/smbd/smb2_close.c:139
[2014/03/19 16:57:14.117088, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:893(smb2_set_operation_credit)
smb2_set_operation_credit: requested 1, charge 1, granted 1, current possible/max 482/512, total granted/max/low/range 31/8192/33/31
[2014/03/19 16:57:14.117328, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:3312(smbd_smb2_io_handler)
smbd_smb2_request idx[1] of 5 vectors
[2014/03/19 16:57:14.117363, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:640(smb2_validate_sequence_number)
smb2_validate_sequence_number: clearing id 33 (position 33) from bitmap
[2014/03/19 16:57:14.117402, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1923(smbd_smb2_request_dispatch)
smbd_smb2_request_dispatch: opcode[SMB2_OP_WRITE] mid = 33
[2014/03/19 16:57:14.117441, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/uid.c:384(change_to_user)
Skipping user change - already user
[2014/03/19 16:57:14.117472, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1825(smbd_smb2_request_verify_creditcharge)
mid 33, CreditCharge: 1, NeededCharge: 1
[2014/03/19 16:57:14.117512, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_write.c:271(smbd_smb2_write_send)
smbd_smb2_write: spoolss - fnum 724572625
[2014/03/19 16:57:14.117541, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe_hnd.c:172(np_write_send)
np_write_send: len: 160
smbd_smb2_request_pending_queue: req->current_idx = 1
req->in.vector[0].iov_len = 0
req->in.vector[1].iov_len = 0
req->in.vector[2].iov_len = 64
req->in.vector[3].iov_len = 48
req->in.vector[4].iov_len = 160
req->out.vector[0].iov_len = 4
req->out.vector[1].iov_len = 0
req->out.vector[2].iov_len = 64
req->out.vector[3].iov_len = 8
req->out.vector[4].iov_len = 0
[2014/03/19 16:57:14.117710, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:2548(smbd_smb2_request_done_ex)
smbd_smb2_request_done_ex: idx[1] status[NT_STATUS_OK] body[16] dyn[yes:0] at ../source3/smbd/smb2_write.c:150
[2014/03/19 16:57:14.117752, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:893(smb2_set_operation_credit)
smb2_set_operation_credit: requested 1, charge 1, granted 1, current possible/max 482/512, total granted/max/low/range 31/8192/34/31
[2014/03/19 16:57:14.117884, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/rpc_server/rpc_server.c:441(named_pipe_packet_process)
PDU is in Little Endian format!
[2014/03/19 16:57:14.118046, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1564(process_complete_pdu)
Processing packet type 11
[2014/03/19 16:57:14.118095, 3, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:598(api_pipe_bind_req)
api_pipe_bind_req: spoolss -> spoolss rpc service
[2014/03/19 16:57:14.118125, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:631(api_pipe_bind_req)
api_pipe_bind_req: make response. 631
[2014/03/19 16:57:14.118164, 3, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:343(check_bind_req)
check_bind_req for spoolss
[2014/03/19 16:57:14.118207, 3, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:350(check_bind_req)
check_bind_req: spoolss -> spoolss rpc service
[2014/03/19 16:57:14.118237, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:223(init_pipe_handles)
init_pipe_handle_list: created handle list for pipe spoolss
[2014/03/19 16:57:14.118275, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:240(init_pipe_handles)
init_pipe_handle_list: pipe_handles ref count = 1 for pipe spoolss
[2014/03/19 16:57:14.118312, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:402(ndr_print_debug)
&r: struct ncacn_packet
rpc_vers : 0x05 (5)
rpc_vers_minor : 0x00 (0)
ptype : DCERPC_PKT_BIND_ACK (12)
pfc_flags : 0x03 (3)
1: DCERPC_PFC_FLAG_FIRST
1: DCERPC_PFC_FLAG_LAST
0: DCERPC_PFC_FLAG_PENDING_CANCEL_OR_HDR_SIGNING
0: DCERPC_PFC_FLAG_CONC_MPX
0: DCERPC_PFC_FLAG_DID_NOT_EXECUTE
0: DCERPC_PFC_FLAG_MAYBE
0: DCERPC_PFC_FLAG_OBJECT_UUID
drep: ARRAY(4)
[0] : 0x10 (16)
[1] : 0x00 (0)
[2] : 0x00 (0)
[3] : 0x00 (0)
frag_length : 0x0044 (68)
auth_length : 0x0000 (0)
call_id : 0x00000002 (2)
u : union dcerpc_payload(case 12)
bind_ack: struct dcerpc_bind_ack
max_xmit_frag : 0x10b8 (4280)
max_recv_frag : 0x10b8 (4280)
assoc_group_id : 0x000053f0 (21488)
secondary_address_size : 0x000e (14)
secondary_address : '\PIPE\spoolss'
_pad1 : DATA_BLOB length=0
num_results : 0x01 (1)
ctx_list: ARRAY(1)
ctx_list: struct dcerpc_ack_ctx
result : DCERPC_BIND_ACK_RESULT_ACCEPTANCE (0)
reason : union dcerpc_bind_ack_reason(case 0)
value : DCERPC_BIND_ACK_REASON_NOT_SPECIFIED (0)
syntax: struct ndr_syntax_id
uuid : 8a885d04-1ceb-11c9-9fe8-08002b104860
if_version : 0x00000002 (2)
auth_info : DATA_BLOB length=0
[2014/03/19 16:57:14.118762, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/rpc_server/rpc_server.c:509(named_pipe_packet_process)
Sending 1 fragments in a total of 0 bytes
[2014/03/19 16:57:14.118800, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/rpc_server/rpc_server.c:514(named_pipe_packet_process)
Sending PDU number: 0, PDU Length: 68
[2014/03/19 16:57:14.118897, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:3312(smbd_smb2_io_handler)
smbd_smb2_request idx[1] of 5 vectors
[2014/03/19 16:57:14.118929, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:640(smb2_validate_sequence_number)
smb2_validate_sequence_number: clearing id 34 (position 34) from bitmap
[2014/03/19 16:57:14.119058, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1923(smbd_smb2_request_dispatch)
smbd_smb2_request_dispatch: opcode[SMB2_OP_READ] mid = 34
[2014/03/19 16:57:14.119093, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/uid.c:384(change_to_user)
Skipping user change - already user
[2014/03/19 16:57:14.119140, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1825(smbd_smb2_request_verify_creditcharge)
mid 34, CreditCharge: 1, NeededCharge: 1
[2014/03/19 16:57:14.119179, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_read.c:399(smbd_smb2_read_send)
smbd_smb2_read: spoolss - fnum 724572625
smbd_smb2_request_pending_queue: req->current_idx = 1
req->in.vector[0].iov_len = 0
req->in.vector[1].iov_len = 0
req->in.vector[2].iov_len = 64
req->in.vector[3].iov_len = 48
req->in.vector[4].iov_len = 1
req->out.vector[0].iov_len = 4
req->out.vector[1].iov_len = 0
req->out.vector[2].iov_len = 64
req->out.vector[3].iov_len = 8
req->out.vector[4].iov_len = 0
[2014/03/19 16:57:14.119357, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe_hnd.c:417(np_read_recv)
Received 68 bytes. There is no more data outstanding
[2014/03/19 16:57:14.119390, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:2548(smbd_smb2_request_done_ex)
smbd_smb2_request_done_ex: idx[1] status[NT_STATUS_OK] body[16] dyn[yes:68] at ../source3/smbd/smb2_read.c:154
[2014/03/19 16:57:14.119430, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:893(smb2_set_operation_credit)
smb2_set_operation_credit: requested 1, charge 1, granted 1, current possible/max 482/512, total granted/max/low/range 31/8192/35/31
[2014/03/19 16:57:14.119872, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:3312(smbd_smb2_io_handler)
smbd_smb2_request idx[1] of 5 vectors
[2014/03/19 16:57:14.119907, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:640(smb2_validate_sequence_number)
smb2_validate_sequence_number: clearing id 35 (position 35) from bitmap
[2014/03/19 16:57:14.119947, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1923(smbd_smb2_request_dispatch)
smbd_smb2_request_dispatch: opcode[SMB2_OP_IOCTL] mid = 35
[2014/03/19 16:57:14.119977, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/uid.c:384(change_to_user)
Skipping user change - already user
[2014/03/19 16:57:14.120108, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1825(smbd_smb2_request_verify_creditcharge)
mid 35, CreditCharge: 1, NeededCharge: 1
[2014/03/19 16:57:14.120139, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl.c:394(smbd_smb2_ioctl_send)
smbd_smb2_ioctl: ctl_code[0x0011c017] spoolss, fnum 724572625
[2014/03/19 16:57:14.120181, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl_named_pipe.c:61(smb2_ioctl_named_pipe)
smbd_smb2_ioctl_send: np_write_send of size 194
[2014/03/19 16:57:14.120208, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe_hnd.c:172(np_write_send)
np_write_send: len: 194
smbd_smb2_request_pending_queue: req->current_idx = 1
req->in.vector[0].iov_len = 0
req->in.vector[1].iov_len = 0
req->in.vector[2].iov_len = 64
req->in.vector[3].iov_len = 56
req->in.vector[4].iov_len = 194
req->out.vector[0].iov_len = 4
req->out.vector[1].iov_len = 0
req->out.vector[2].iov_len = 64
req->out.vector[3].iov_len = 8
req->out.vector[4].iov_len = 0
[2014/03/19 16:57:14.120374, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl_named_pipe.c:119(smbd_smb2_ioctl_pipe_write_done)
smbd_smb2_ioctl_pipe_write_done: received 194
[2014/03/19 16:57:14.120415, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl_named_pipe.c:140(smbd_smb2_ioctl_pipe_write_done)
smbd_smb2_ioctl_pipe_write_done: issuing np_read_send of size 1024
[2014/03/19 16:57:14.120488, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/rpc_server/rpc_server.c:441(named_pipe_packet_process)
PDU is in Little Endian format!
[2014/03/19 16:57:14.120531, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1564(process_complete_pdu)
Processing packet type 0
[2014/03/19 16:57:14.120559, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1439(dcesrv_auth_request)
Checking request auth.
[2014/03/19 16:57:14.120598, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/sec_ctx.c:216(push_sec_ctx)
push_sec_ctx(100000500, 100000513) : sec_ctx_stack_ndx = 1
[2014/03/19 16:57:14.120638, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/sec_ctx.c:316(set_sec_ctx)
setting sec ctx (100000500, 100000513) - sec_ctx_stack_ndx = 1
[2014/03/19 16:57:14.120667, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../libcli/security/security_token.c:63(security_token_debug)
Security token SIDs (21):
SID[ 0]: S-1-5-21-2999458101-3634337955-1355572417-500
SID[ 1]: S-1-5-21-2999458101-3634337955-1355572417-513
SID[ 2]: S-1-5-21-2999458101-3634337955-1355572417-520
SID[ 3]: S-1-5-21-2999458101-3634337955-1355572417-512
SID[ 4]: S-1-18-1
SID[ 5]: S-1-1-0
SID[ 6]: S-1-5-2
SID[ 7]: S-1-5-11
SID[ 8]: S-1-5-32-545
SID[ 9]: S-1-5-32-544
SID[ 10]: S-1-22-1-100000500
SID[ 11]: S-1-22-2-100000500
SID[ 12]: S-1-22-2-100000513
SID[ 13]: S-1-22-2-100000520
SID[ 14]: S-1-22-2-100000512
SID[ 15]: S-1-22-2-1000008
SID[ 16]: S-1-22-2-1000002
SID[ 17]: S-1-22-2-1000003
SID[ 18]: S-1-22-2-1000009
SID[ 19]: S-1-22-2-1000001
SID[ 20]: S-1-22-2-1000000
Privileges (0x 1FFFFFF0):
Privilege[ 0]: SeMachineAccountPrivilege
Privilege[ 1]: SeTakeOwnershipPrivilege
Privilege[ 2]: SeBackupPrivilege
Privilege[ 3]: SeRestorePrivilege
Privilege[ 4]: SeRemoteShutdownPrivilege
Privilege[ 5]: SePrintOperatorPrivilege
Privilege[ 6]: SeAddUsersPrivilege
Privilege[ 7]: SeDiskOperatorPrivilege
Privilege[ 8]: SeSecurityPrivilege
Privilege[ 9]: SeSystemtimePrivilege
Privilege[ 10]: SeShutdownPrivilege
Privilege[ 11]: SeDebugPrivilege
Privilege[ 12]: SeSystemEnvironmentPrivilege
Privilege[ 13]: SeSystemProfilePrivilege
Privilege[ 14]: SeProfileSingleProcessPrivilege
Privilege[ 15]: SeIncreaseBasePriorityPrivilege
Privilege[ 16]: SeLoadDriverPrivilege
Privilege[ 17]: SeCreatePagefilePrivilege
Privilege[ 18]: SeIncreaseQuotaPrivilege
Privilege[ 19]: SeChangeNotifyPrivilege
Privilege[ 20]: SeUndockPrivilege
Privilege[ 21]: SeManageVolumePrivilege
Privilege[ 22]: SeImpersonatePrivilege
Privilege[ 23]: SeCreateGlobalPrivilege
Privilege[ 24]: SeEnableDelegationPrivilege
Rights (0x 0):
[2014/03/19 16:57:14.121271, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/auth/token_util.c:528(debug_unix_user_token)
UNIX token of user 100000500
Primary group is 100000513 and contains 10 supplementary groups
Group[ 0]: 100000500
Group[ 1]: 100000513
Group[ 2]: 100000520
Group[ 3]: 100000512
Group[ 4]: 1000008
Group[ 5]: 1000002
Group[ 6]: 1000003
Group[ 7]: 1000009
Group[ 8]: 1000001
Group[ 9]: 1000000
[2014/03/19 16:57:14.121417, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/uid.c:452(smbd_become_authenticated_pipe_user)
Impersonated user: uid=(100000500,100000500), gid=(0,100000513)
[2014/03/19 16:57:14.121458, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1292(api_pipe_request)
Requested spoolss rpc service
[2014/03/19 16:57:14.121492, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1317(api_rpcTNP)
api_rpcTNP: spoolss op 0x45 - api_rpcTNP: rpc command: SPOOLSS_OPENPRINTEREX
[2014/03/19 16:57:14.121523, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1357(api_rpcTNP)
api_rpc_cmds[69].fn == 0x7f5de3038ac3
[2014/03/19 16:57:14.121565, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug)
spoolss_OpenPrinterEx: struct spoolss_OpenPrinterEx
in: struct spoolss_OpenPrinterEx
printername : *
printername : '\\samba'
datatype : NULL
devmode_ctr: struct spoolss_DevmodeContainer
_ndr_size : 0x00000000 (0)
devmode : NULL
access_mask : 0x00020002 (131074)
0: SERVER_ACCESS_ADMINISTER
1: SERVER_ACCESS_ENUMERATE
0: PRINTER_ACCESS_ADMINISTER
0: PRINTER_ACCESS_USE
0: JOB_ACCESS_ADMINISTER
0: JOB_ACCESS_READ
userlevel_ctr: struct spoolss_UserLevelCtr
level : 0x00000001 (1)
user_info : union spoolss_UserLevel(case 1)
level1 : *
level1: struct spoolss_UserLevel1
size : 0x00000028 (40)
client : *
client : 'WIN7CLI'
user : *
user : 'LEVEL1\Administrator'
build : 0x00001db1 (7601)
major : UNKNOWN_ENUM_VALUE (3)
minor : SPOOLSS_MINOR_VERSION_0 (0)
processor : PROCESSOR_ARCHITECTURE_AMD64 (9)
checking name: \\samba
[2014/03/19 16:57:14.121942, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/spoolss/srv_spoolss_nt.c:739(open_printer_hnd)
open_printer_hnd: name [\\samba]
[2014/03/19 16:57:14.121981, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:304(create_rpc_handle_internal)
Opened policy hnd[1] [0000] 00 00 00 00 15 00 00 00 00 00 00 00 29 53 5A BE ........ ....)SZ.
[0010] 88 60 00 00 .`..
[2014/03/19 16:57:14.122062, 3, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/spoolss/srv_spoolss_nt.c:507(set_printer_hnd_printertype)
Setting printer type=\\samba
Printer is a print server
[2014/03/19 16:57:14.122100, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/spoolss/srv_spoolss_nt.c:567(set_printer_hnd_name)
Setting printer name=\\samba (len=7)
[2014/03/19 16:57:14.122131, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/spoolss/srv_spoolss_nt.c:775(open_printer_hnd)
1 printer handles active
[2014/03/19 16:57:14.122159, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal)
Found policy hnd[0] [0000] 00 00 00 00 15 00 00 00 00 00 00 00 29 53 5A BE ........ ....)SZ.
[0010] 88 60 00 00 .`..
[2014/03/19 16:57:14.122207, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/spoolss/srv_spoolss_nt.c:1838(_spoolss_OpenPrinterEx)
Setting print server access = SERVER_ACCESS_ENUMERATE
[2014/03/19 16:57:14.122249, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug)
spoolss_OpenPrinterEx: struct spoolss_OpenPrinterEx
out: struct spoolss_OpenPrinterEx
handle : *
handle: struct policy_handle
handle_type : 0x00000000 (0)
uuid : 00000015-0000-0000-2953-5abe88600000
result : WERR_OK
[2014/03/19 16:57:14.122357, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1384(api_rpcTNP)
api_rpcTNP: called spoolss successfully
[2014/03/19 16:57:14.122394, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/sec_ctx.c:424(pop_sec_ctx)
pop_sec_ctx (100000500, 100000513) - sec_ctx_stack_ndx = 0
[2014/03/19 16:57:14.122429, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:402(ndr_print_debug)
&r: struct ncacn_packet
rpc_vers : 0x05 (5)
rpc_vers_minor : 0x00 (0)
ptype : DCERPC_PKT_RESPONSE (2)
pfc_flags : 0x03 (3)
1: DCERPC_PFC_FLAG_FIRST
1: DCERPC_PFC_FLAG_LAST
0: DCERPC_PFC_FLAG_PENDING_CANCEL_OR_HDR_SIGNING
0: DCERPC_PFC_FLAG_CONC_MPX
0: DCERPC_PFC_FLAG_DID_NOT_EXECUTE
0: DCERPC_PFC_FLAG_MAYBE
0: DCERPC_PFC_FLAG_OBJECT_UUID
drep: ARRAY(4)
[0] : 0x10 (16)
[1] : 0x00 (0)
[2] : 0x00 (0)
[3] : 0x00 (0)
frag_length : 0x0030 (48)
auth_length : 0x0000 (0)
call_id : 0x00000002 (2)
u : union dcerpc_payload(case 2)
response: struct dcerpc_response
alloc_hint : 0x00000018 (24)
context_id : 0x0000 (0)
cancel_count : 0x00 (0)
_pad : DATA_BLOB length=0
stub_and_verifier : DATA_BLOB length=24
[0000] 00 00 00 00 15 00 00 00 00 00 00 00 29 53 5A BE ........ ....)SZ.
[0010] 88 60 00 00 00 00 00 00 .`......
[2014/03/19 16:57:14.122796, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/rpc_server/rpc_server.c:509(named_pipe_packet_process)
Sending 1 fragments in a total of 24 bytes
[2014/03/19 16:57:14.122834, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/rpc_server/rpc_server.c:514(named_pipe_packet_process)
Sending PDU number: 0, PDU Length: 48
[2014/03/19 16:57:14.122902, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1459(smbd_smb2_request_pending_timer)
smbd_smb2_request_pending_queue: opcode[SMB2_OP_IOCTL] mid 35 going async
[2014/03/19 16:57:14.122945, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:893(smb2_set_operation_credit)
smb2_set_operation_credit: requested 1, charge 1, granted 1, current possible/max 482/512, total granted/max/low/range 31/8192/36/31
[2014/03/19 16:57:14.123046, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1554(smbd_smb2_request_pending_timer)
state->vector[0/5].iov_len = 4
state->vector[1/5].iov_len = 0
state->vector[2/5].iov_len = 64
state->vector[3/5].iov_len = 8
state->vector[4/5].iov_len = 1
[2014/03/19 16:57:14.123213, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe_hnd.c:417(np_read_recv)
Received 48 bytes. There is no more data outstanding
[2014/03/19 16:57:14.123263, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl_named_pipe.c:169(smbd_smb2_ioctl_pipe_read_done)
smbd_smb2_ioctl_pipe_read_done: np_read_recv nread = 48 is_data_outstanding = 0, status = NT_STATUS_OK
[2014/03/19 16:57:14.123304, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl.c:291(smbd_smb2_request_ioctl_done)
smbd_smb2_request_ioctl_done: smbd_smb2_ioctl_recv returned 48 status NT_STATUS_OK
[2014/03/19 16:57:14.123333, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:2548(smbd_smb2_request_done_ex)
smbd_smb2_request_done_ex: idx[1] status[NT_STATUS_OK] body[48] dyn[yes:48] at ../source3/smbd/smb2_ioctl.c:358
[2014/03/19 16:57:14.123372, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:893(smb2_set_operation_credit)
smb2_set_operation_credit: requested 1, charge 1, granted 0, current possible/max 481/512, total granted/max/low/range 31/8192/36/31
[2014/03/19 16:57:14.124133, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:3312(smbd_smb2_io_handler)
smbd_smb2_request idx[1] of 5 vectors
[2014/03/19 16:57:14.124179, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:640(smb2_validate_sequence_number)
smb2_validate_sequence_number: clearing id 36 (position 36) from bitmap
[2014/03/19 16:57:14.124210, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1923(smbd_smb2_request_dispatch)
smbd_smb2_request_dispatch: opcode[SMB2_OP_IOCTL] mid = 36
[2014/03/19 16:57:14.124250, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/uid.c:384(change_to_user)
Skipping user change - already user
[2014/03/19 16:57:14.124280, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1825(smbd_smb2_request_verify_creditcharge)
mid 36, CreditCharge: 1, NeededCharge: 1
[2014/03/19 16:57:14.124318, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl.c:394(smbd_smb2_ioctl_send)
smbd_smb2_ioctl: ctl_code[0x0011c017] spoolss, fnum 724572625
[2014/03/19 16:57:14.124358, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl_named_pipe.c:61(smb2_ioctl_named_pipe)
smbd_smb2_ioctl_send: np_write_send of size 96
[2014/03/19 16:57:14.124386, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe_hnd.c:172(np_write_send)
np_write_send: len: 96
smbd_smb2_request_pending_queue: req->current_idx = 1
req->in.vector[0].iov_len = 0
req->in.vector[1].iov_len = 0
req->in.vector[2].iov_len = 64
req->in.vector[3].iov_len = 56
req->in.vector[4].iov_len = 96
req->out.vector[0].iov_len = 4
req->out.vector[1].iov_len = 0
req->out.vector[2].iov_len = 64
req->out.vector[3].iov_len = 8
req->out.vector[4].iov_len = 0
[2014/03/19 16:57:14.124554, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl_named_pipe.c:119(smbd_smb2_ioctl_pipe_write_done)
smbd_smb2_ioctl_pipe_write_done: received 96
[2014/03/19 16:57:14.125039, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl_named_pipe.c:140(smbd_smb2_ioctl_pipe_write_done)
smbd_smb2_ioctl_pipe_write_done: issuing np_read_send of size 1024
[2014/03/19 16:57:14.125113, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/rpc_server/rpc_server.c:441(named_pipe_packet_process)
PDU is in Little Endian format!
[2014/03/19 16:57:14.125158, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1564(process_complete_pdu)
Processing packet type 0
[2014/03/19 16:57:14.125187, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1439(dcesrv_auth_request)
Checking request auth.
[2014/03/19 16:57:14.125236, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/sec_ctx.c:216(push_sec_ctx)
push_sec_ctx(100000500, 100000513) : sec_ctx_stack_ndx = 1
[2014/03/19 16:57:14.125290, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/sec_ctx.c:316(set_sec_ctx)
setting sec ctx (100000500, 100000513) - sec_ctx_stack_ndx = 1
[2014/03/19 16:57:14.125340, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../libcli/security/security_token.c:63(security_token_debug)
Security token SIDs (21):
SID[ 0]: S-1-5-21-2999458101-3634337955-1355572417-500
SID[ 1]: S-1-5-21-2999458101-3634337955-1355572417-513
SID[ 2]: S-1-5-21-2999458101-3634337955-1355572417-520
SID[ 3]: S-1-5-21-2999458101-3634337955-1355572417-512
SID[ 4]: S-1-18-1
SID[ 5]: S-1-1-0
SID[ 6]: S-1-5-2
SID[ 7]: S-1-5-11
SID[ 8]: S-1-5-32-545
SID[ 9]: S-1-5-32-544
SID[ 10]: S-1-22-1-100000500
SID[ 11]: S-1-22-2-100000500
SID[ 12]: S-1-22-2-100000513
SID[ 13]: S-1-22-2-100000520
SID[ 14]: S-1-22-2-100000512
SID[ 15]: S-1-22-2-1000008
SID[ 16]: S-1-22-2-1000002
SID[ 17]: S-1-22-2-1000003
SID[ 18]: S-1-22-2-1000009
SID[ 19]: S-1-22-2-1000001
SID[ 20]: S-1-22-2-1000000
Privileges (0x 1FFFFFF0):
Privilege[ 0]: SeMachineAccountPrivilege
Privilege[ 1]: SeTakeOwnershipPrivilege
Privilege[ 2]: SeBackupPrivilege
Privilege[ 3]: SeRestorePrivilege
Privilege[ 4]: SeRemoteShutdownPrivilege
Privilege[ 5]: SePrintOperatorPrivilege
Privilege[ 6]: SeAddUsersPrivilege
Privilege[ 7]: SeDiskOperatorPrivilege
Privilege[ 8]: SeSecurityPrivilege
Privilege[ 9]: SeSystemtimePrivilege
Privilege[ 10]: SeShutdownPrivilege
Privilege[ 11]: SeDebugPrivilege
Privilege[ 12]: SeSystemEnvironmentPrivilege
Privilege[ 13]: SeSystemProfilePrivilege
Privilege[ 14]: SeProfileSingleProcessPrivilege
Privilege[ 15]: SeIncreaseBasePriorityPrivilege
Privilege[ 16]: SeLoadDriverPrivilege
Privilege[ 17]: SeCreatePagefilePrivilege
Privilege[ 18]: SeIncreaseQuotaPrivilege
Privilege[ 19]: SeChangeNotifyPrivilege
Privilege[ 20]: SeUndockPrivilege
Privilege[ 21]: SeManageVolumePrivilege
Privilege[ 22]: SeImpersonatePrivilege
Privilege[ 23]: SeCreateGlobalPrivilege
Privilege[ 24]: SeEnableDelegationPrivilege
Rights (0x 0):
[2014/03/19 16:57:14.125917, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/auth/token_util.c:528(debug_unix_user_token)
UNIX token of user 100000500
Primary group is 100000513 and contains 10 supplementary groups
Group[ 0]: 100000500
Group[ 1]: 100000513
Group[ 2]: 100000520
Group[ 3]: 100000512
Group[ 4]: 1000008
Group[ 5]: 1000002
Group[ 6]: 1000003
Group[ 7]: 1000009
Group[ 8]: 1000001
Group[ 9]: 1000000
[2014/03/19 16:57:14.126132, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/uid.c:452(smbd_become_authenticated_pipe_user)
Impersonated user: uid=(100000500,100000500), gid=(0,100000513)
[2014/03/19 16:57:14.126163, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1292(api_pipe_request)
Requested spoolss rpc service
[2014/03/19 16:57:14.126203, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1317(api_rpcTNP)
api_rpcTNP: spoolss op 0x1a - api_rpcTNP: rpc command: SPOOLSS_GETPRINTERDATA
[2014/03/19 16:57:14.126241, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1357(api_rpcTNP)
api_rpc_cmds[26].fn == 0x7f5de30310d9
[2014/03/19 16:57:14.126274, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug)
spoolss_GetPrinterData: struct spoolss_GetPrinterData
in: struct spoolss_GetPrinterData
handle : *
handle: struct policy_handle
handle_type : 0x00000000 (0)
uuid : 00000015-0000-0000-2953-5abe88600000
value_name : 'DsPresentForUser'
offered : 0x00000004 (4)
[2014/03/19 16:57:14.126425, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal)
Found policy hnd[0] [0000] 00 00 00 00 15 00 00 00 00 00 00 00 29 53 5A BE ........ ....)SZ.
[0010] 88 60 00 00 .`..
[2014/03/19 16:57:14.126478, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/spoolss/srv_spoolss_nt.c:9502(_spoolss_GetPrinterDataEx)
_spoolss_GetPrinterDataEx
[2014/03/19 16:57:14.126506, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/spoolss/srv_spoolss_nt.c:9505(_spoolss_GetPrinterDataEx)
_spoolss_GetPrinterDataEx: key => [PrinterDriverData], value => [DsPresentForUser]
[2014/03/19 16:57:14.126534, 8, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/spoolss/srv_spoolss_nt.c:2282(getprinterdata_printer_server)
getprinterdata_printer_server:DsPresentForUser
[2014/03/19 16:57:14.126572, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug)
spoolss_GetPrinterData: struct spoolss_GetPrinterData
out: struct spoolss_GetPrinterData
type : *
type : REG_NONE (0)
data : *
data: ARRAY(4)
[0] : 0x00 (0)
[1] : 0x00 (0)
[2] : 0x00 (0)
[3] : 0x00 (0)
needed : *
needed : 0x00000000 (0)
result : WERR_INVALID_PARAM
[2014/03/19 16:57:14.126751, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1384(api_rpcTNP)
api_rpcTNP: called spoolss successfully
[2014/03/19 16:57:14.126797, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/sec_ctx.c:424(pop_sec_ctx)
pop_sec_ctx (100000500, 100000513) - sec_ctx_stack_ndx = 0
[2014/03/19 16:57:14.126833, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:402(ndr_print_debug)
&r: struct ncacn_packet
rpc_vers : 0x05 (5)
rpc_vers_minor : 0x00 (0)
ptype : DCERPC_PKT_RESPONSE (2)
pfc_flags : 0x03 (3)
1: DCERPC_PFC_FLAG_FIRST
1: DCERPC_PFC_FLAG_LAST
0: DCERPC_PFC_FLAG_PENDING_CANCEL_OR_HDR_SIGNING
0: DCERPC_PFC_FLAG_CONC_MPX
0: DCERPC_PFC_FLAG_DID_NOT_EXECUTE
0: DCERPC_PFC_FLAG_MAYBE
0: DCERPC_PFC_FLAG_OBJECT_UUID
drep: ARRAY(4)
[0] : 0x10 (16)
[1] : 0x00 (0)
[2] : 0x00 (0)
[3] : 0x00 (0)
frag_length : 0x002c (44)
auth_length : 0x0000 (0)
call_id : 0x00000003 (3)
u : union dcerpc_payload(case 2)
response: struct dcerpc_response
alloc_hint : 0x00000014 (20)
context_id : 0x0000 (0)
cancel_count : 0x00 (0)
_pad : DATA_BLOB length=0
stub_and_verifier : DATA_BLOB length=20
[0000] 00 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0010] 57 00 00 00 W...
[2014/03/19 16:57:14.127357, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/rpc_server/rpc_server.c:509(named_pipe_packet_process)
Sending 1 fragments in a total of 20 bytes
[2014/03/19 16:57:14.127396, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/rpc_server/rpc_server.c:514(named_pipe_packet_process)
Sending PDU number: 0, PDU Length: 44
[2014/03/19 16:57:14.127476, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1459(smbd_smb2_request_pending_timer)
smbd_smb2_request_pending_queue: opcode[SMB2_OP_IOCTL] mid 36 going async
[2014/03/19 16:57:14.127519, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:893(smb2_set_operation_credit)
smb2_set_operation_credit: requested 1, charge 1, granted 1, current possible/max 482/512, total granted/max/low/range 31/8192/37/31
[2014/03/19 16:57:14.127549, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1554(smbd_smb2_request_pending_timer)
state->vector[0/5].iov_len = 4
state->vector[1/5].iov_len = 0
state->vector[2/5].iov_len = 64
state->vector[3/5].iov_len = 8
state->vector[4/5].iov_len = 1
[2014/03/19 16:57:14.127708, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe_hnd.c:417(np_read_recv)
Received 44 bytes. There is no more data outstanding
[2014/03/19 16:57:14.127742, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl_named_pipe.c:169(smbd_smb2_ioctl_pipe_read_done)
smbd_smb2_ioctl_pipe_read_done: np_read_recv nread = 44 is_data_outstanding = 0, status = NT_STATUS_OK
[2014/03/19 16:57:14.127783, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl.c:291(smbd_smb2_request_ioctl_done)
smbd_smb2_request_ioctl_done: smbd_smb2_ioctl_recv returned 44 status NT_STATUS_OK
[2014/03/19 16:57:14.127821, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:2548(smbd_smb2_request_done_ex)
smbd_smb2_request_done_ex: idx[1] status[NT_STATUS_OK] body[48] dyn[yes:44] at ../source3/smbd/smb2_ioctl.c:358
[2014/03/19 16:57:14.127851, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:893(smb2_set_operation_credit)
smb2_set_operation_credit: requested 1, charge 1, granted 0, current possible/max 481/512, total granted/max/low/range 31/8192/37/31
[2014/03/19 16:57:14.128200, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:3312(smbd_smb2_io_handler)
smbd_smb2_request idx[1] of 5 vectors
[2014/03/19 16:57:14.128249, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:640(smb2_validate_sequence_number)
smb2_validate_sequence_number: clearing id 37 (position 37) from bitmap
[2014/03/19 16:57:14.128278, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1923(smbd_smb2_request_dispatch)
smbd_smb2_request_dispatch: opcode[SMB2_OP_IOCTL] mid = 37
[2014/03/19 16:57:14.128319, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/uid.c:384(change_to_user)
Skipping user change - already user
[2014/03/19 16:57:14.128359, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1825(smbd_smb2_request_verify_creditcharge)
mid 37, CreditCharge: 1, NeededCharge: 1
[2014/03/19 16:57:14.128389, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl.c:394(smbd_smb2_ioctl_send)
smbd_smb2_ioctl: ctl_code[0x0011c017] spoolss, fnum 724572625
[2014/03/19 16:57:14.128437, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl_named_pipe.c:61(smb2_ioctl_named_pipe)
smbd_smb2_ioctl_send: np_write_send of size 44
[2014/03/19 16:57:14.128465, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe_hnd.c:172(np_write_send)
np_write_send: len: 44
smbd_smb2_request_pending_queue: req->current_idx = 1
req->in.vector[0].iov_len = 0
req->in.vector[1].iov_len = 0
req->in.vector[2].iov_len = 64
req->in.vector[3].iov_len = 56
req->in.vector[4].iov_len = 44
req->out.vector[0].iov_len = 4
req->out.vector[1].iov_len = 0
req->out.vector[2].iov_len = 64
req->out.vector[3].iov_len = 8
req->out.vector[4].iov_len = 0
[2014/03/19 16:57:14.128666, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl_named_pipe.c:119(smbd_smb2_ioctl_pipe_write_done)
smbd_smb2_ioctl_pipe_write_done: received 44
[2014/03/19 16:57:14.128699, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl_named_pipe.c:140(smbd_smb2_ioctl_pipe_write_done)
smbd_smb2_ioctl_pipe_write_done: issuing np_read_send of size 1024
[2014/03/19 16:57:14.128771, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/rpc_server/rpc_server.c:441(named_pipe_packet_process)
PDU is in Little Endian format!
[2014/03/19 16:57:14.128813, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1564(process_complete_pdu)
Processing packet type 0
[2014/03/19 16:57:14.128851, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1439(dcesrv_auth_request)
Checking request auth.
[2014/03/19 16:57:14.128882, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/sec_ctx.c:216(push_sec_ctx)
push_sec_ctx(100000500, 100000513) : sec_ctx_stack_ndx = 1
[2014/03/19 16:57:14.128956, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/sec_ctx.c:316(set_sec_ctx)
setting sec ctx (100000500, 100000513) - sec_ctx_stack_ndx = 1
[2014/03/19 16:57:14.129046, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../libcli/security/security_token.c:63(security_token_debug)
Security token SIDs (21):
SID[ 0]: S-1-5-21-2999458101-3634337955-1355572417-500
SID[ 1]: S-1-5-21-2999458101-3634337955-1355572417-513
SID[ 2]: S-1-5-21-2999458101-3634337955-1355572417-520
SID[ 3]: S-1-5-21-2999458101-3634337955-1355572417-512
SID[ 4]: S-1-18-1
SID[ 5]: S-1-1-0
SID[ 6]: S-1-5-2
SID[ 7]: S-1-5-11
SID[ 8]: S-1-5-32-545
SID[ 9]: S-1-5-32-544
SID[ 10]: S-1-22-1-100000500
SID[ 11]: S-1-22-2-100000500
SID[ 12]: S-1-22-2-100000513
SID[ 13]: S-1-22-2-100000520
SID[ 14]: S-1-22-2-100000512
SID[ 15]: S-1-22-2-1000008
SID[ 16]: S-1-22-2-1000002
SID[ 17]: S-1-22-2-1000003
SID[ 18]: S-1-22-2-1000009
SID[ 19]: S-1-22-2-1000001
SID[ 20]: S-1-22-2-1000000
Privileges (0x 1FFFFFF0):
Privilege[ 0]: SeMachineAccountPrivilege
Privilege[ 1]: SeTakeOwnershipPrivilege
Privilege[ 2]: SeBackupPrivilege
Privilege[ 3]: SeRestorePrivilege
Privilege[ 4]: SeRemoteShutdownPrivilege
Privilege[ 5]: SePrintOperatorPrivilege
Privilege[ 6]: SeAddUsersPrivilege
Privilege[ 7]: SeDiskOperatorPrivilege
Privilege[ 8]: SeSecurityPrivilege
Privilege[ 9]: SeSystemtimePrivilege
Privilege[ 10]: SeShutdownPrivilege
Privilege[ 11]: SeDebugPrivilege
Privilege[ 12]: SeSystemEnvironmentPrivilege
Privilege[ 13]: SeSystemProfilePrivilege
Privilege[ 14]: SeProfileSingleProcessPrivilege
Privilege[ 15]: SeIncreaseBasePriorityPrivilege
Privilege[ 16]: SeLoadDriverPrivilege
Privilege[ 17]: SeCreatePagefilePrivilege
Privilege[ 18]: SeIncreaseQuotaPrivilege
Privilege[ 19]: SeChangeNotifyPrivilege
Privilege[ 20]: SeUndockPrivilege
Privilege[ 21]: SeManageVolumePrivilege
Privilege[ 22]: SeImpersonatePrivilege
Privilege[ 23]: SeCreateGlobalPrivilege
Privilege[ 24]: SeEnableDelegationPrivilege
Rights (0x 0):
[2014/03/19 16:57:14.129668, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/auth/token_util.c:528(debug_unix_user_token)
UNIX token of user 100000500
Primary group is 100000513 and contains 10 supplementary groups
Group[ 0]: 100000500
Group[ 1]: 100000513
Group[ 2]: 100000520
Group[ 3]: 100000512
Group[ 4]: 1000008
Group[ 5]: 1000002
Group[ 6]: 1000003
Group[ 7]: 1000009
Group[ 8]: 1000001
Group[ 9]: 1000000
[2014/03/19 16:57:14.129840, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/uid.c:452(smbd_become_authenticated_pipe_user)
Impersonated user: uid=(100000500,100000500), gid=(0,100000513)
[2014/03/19 16:57:14.129885, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1292(api_pipe_request)
Requested spoolss rpc service
[2014/03/19 16:57:14.129941, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1317(api_rpcTNP)
api_rpcTNP: spoolss op 0x1d - api_rpcTNP: rpc command: SPOOLSS_CLOSEPRINTER
[2014/03/19 16:57:14.129975, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1357(api_rpcTNP)
api_rpc_cmds[29].fn == 0x7f5de30319b4
[2014/03/19 16:57:14.130039, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug)
spoolss_ClosePrinter: struct spoolss_ClosePrinter
in: struct spoolss_ClosePrinter
handle : *
handle: struct policy_handle
handle_type : 0x00000000 (0)
uuid : 00000015-0000-0000-2953-5abe88600000
[2014/03/19 16:57:14.130153, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal)
Found policy hnd[0] [0000] 00 00 00 00 15 00 00 00 00 00 00 00 29 53 5A BE ........ ....)SZ.
[0010] 88 60 00 00 .`..
[2014/03/19 16:57:14.130218, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal)
Found policy hnd[0] [0000] 00 00 00 00 15 00 00 00 00 00 00 00 29 53 5A BE ........ ....)SZ.
[0010] 88 60 00 00 .`..
[2014/03/19 16:57:14.130281, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal)
Found policy hnd[0] [0000] 00 00 00 00 15 00 00 00 00 00 00 00 29 53 5A BE ........ ....)SZ.
[0010] 88 60 00 00 .`..
[2014/03/19 16:57:14.130343, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:388(close_policy_hnd)
Closed policy
[2014/03/19 16:57:14.130374, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug)
spoolss_ClosePrinter: struct spoolss_ClosePrinter
out: struct spoolss_ClosePrinter
handle : *
handle: struct policy_handle
handle_type : 0x00000000 (0)
uuid : 00000000-0000-0000-0000-000000000000
result : WERR_OK
[2014/03/19 16:57:14.130494, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1384(api_rpcTNP)
api_rpcTNP: called spoolss successfully
[2014/03/19 16:57:14.130550, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/sec_ctx.c:424(pop_sec_ctx)
pop_sec_ctx (100000500, 100000513) - sec_ctx_stack_ndx = 0
[2014/03/19 16:57:14.130601, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:402(ndr_print_debug)
&r: struct ncacn_packet
rpc_vers : 0x05 (5)
rpc_vers_minor : 0x00 (0)
ptype : DCERPC_PKT_RESPONSE (2)
pfc_flags : 0x03 (3)
1: DCERPC_PFC_FLAG_FIRST
1: DCERPC_PFC_FLAG_LAST
0: DCERPC_PFC_FLAG_PENDING_CANCEL_OR_HDR_SIGNING
0: DCERPC_PFC_FLAG_CONC_MPX
0: DCERPC_PFC_FLAG_DID_NOT_EXECUTE
0: DCERPC_PFC_FLAG_MAYBE
0: DCERPC_PFC_FLAG_OBJECT_UUID
drep: ARRAY(4)
[0] : 0x10 (16)
[1] : 0x00 (0)
[2] : 0x00 (0)
[3] : 0x00 (0)
frag_length : 0x0030 (48)
auth_length : 0x0000 (0)
call_id : 0x00000004 (4)
u : union dcerpc_payload(case 2)
response: struct dcerpc_response
alloc_hint : 0x00000018 (24)
context_id : 0x0000 (0)
cancel_count : 0x00 (0)
_pad : DATA_BLOB length=0
stub_and_verifier : DATA_BLOB length=24
[0000] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0010] 00 00 00 00 00 00 00 00 ........
[2014/03/19 16:57:14.131133, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/rpc_server/rpc_server.c:509(named_pipe_packet_process)
Sending 1 fragments in a total of 24 bytes
[2014/03/19 16:57:14.131176, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/rpc_server/rpc_server.c:514(named_pipe_packet_process)
Sending PDU number: 0, PDU Length: 48
[2014/03/19 16:57:14.131231, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1459(smbd_smb2_request_pending_timer)
smbd_smb2_request_pending_queue: opcode[SMB2_OP_IOCTL] mid 37 going async
[2014/03/19 16:57:14.131266, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:893(smb2_set_operation_credit)
smb2_set_operation_credit: requested 1, charge 1, granted 1, current possible/max 482/512, total granted/max/low/range 31/8192/38/31
[2014/03/19 16:57:14.131310, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1554(smbd_smb2_request_pending_timer)
state->vector[0/5].iov_len = 4
state->vector[1/5].iov_len = 0
state->vector[2/5].iov_len = 64
state->vector[3/5].iov_len = 8
state->vector[4/5].iov_len = 1
[2014/03/19 16:57:14.131492, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe_hnd.c:417(np_read_recv)
Received 48 bytes. There is no more data outstanding
[2014/03/19 16:57:14.131530, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl_named_pipe.c:169(smbd_smb2_ioctl_pipe_read_done)
smbd_smb2_ioctl_pipe_read_done: np_read_recv nread = 48 is_data_outstanding = 0, status = NT_STATUS_OK
[2014/03/19 16:57:14.131564, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl.c:291(smbd_smb2_request_ioctl_done)
smbd_smb2_request_ioctl_done: smbd_smb2_ioctl_recv returned 48 status NT_STATUS_OK
[2014/03/19 16:57:14.131605, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:2548(smbd_smb2_request_done_ex)
smbd_smb2_request_done_ex: idx[1] status[NT_STATUS_OK] body[48] dyn[yes:48] at ../source3/smbd/smb2_ioctl.c:358
[2014/03/19 16:57:14.131643, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:893(smb2_set_operation_credit)
smb2_set_operation_credit: requested 1, charge 1, granted 0, current possible/max 481/512, total granted/max/low/range 31/8192/38/31
[2014/03/19 16:57:14.144753, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:3312(smbd_smb2_io_handler)
smbd_smb2_request idx[1] of 5 vectors
[2014/03/19 16:57:14.144825, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:640(smb2_validate_sequence_number)
smb2_validate_sequence_number: clearing id 38 (position 38) from bitmap
[2014/03/19 16:57:14.144871, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1923(smbd_smb2_request_dispatch)
smbd_smb2_request_dispatch: opcode[SMB2_OP_CLOSE] mid = 38
[2014/03/19 16:57:14.144918, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/uid.c:384(change_to_user)
Skipping user change - already user
[2014/03/19 16:57:14.144943, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_close.c:185(smbd_smb2_close)
smbd_smb2_close: spoolss - fnum 724572625
[2014/03/19 16:57:14.144943, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap.c:178(dbwrap_check_lock_order)
check lock order 1 for /var/lib/samba/smbXsrv_open_global.tdb
[2014/03/19 16:57:14.145075, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order)
lock order: 1:/var/lib/samba/smbXsrv_open_global.tdb 2:<none> 3:<none>
[2014/03/19 16:57:14.145117, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key)
Locking key 974342A8
[2014/03/19 16:57:14.145207, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap_tdb.c:143(db_tdb_fetch_locked_internal)
Allocated locked data 0x0x7f5de586e050
[2014/03/19 16:57:14.145405, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key)
Unlocking key 974342A8
[2014/03/19 16:57:14.145446, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap.c:146(dbwrap_lock_order_state_destructor)
release lock order 1 for /var/lib/samba/smbXsrv_open_global.tdb
[2014/03/19 16:57:14.145484, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order)
lock order: 1:<none> 2:<none> 3:<none>
[2014/03/19 16:57:14.145541, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:418(close_policy_by_pipe)
Deleted handle list for RPC connection spoolss
[2014/03/19 16:57:14.145681, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/files.c:524(file_free)
freed files structure 724572625 (0 used)
[2014/03/19 16:57:14.145845, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:2548(smbd_smb2_request_done_ex)
smbd_smb2_request_done_ex: idx[1] status[NT_STATUS_OK] body[60] dyn[no:0] at ../source3/smbd/smb2_close.c:139
[2014/03/19 16:57:14.145880, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:893(smb2_set_operation_credit)
smb2_set_operation_credit: requested 1, charge 1, granted 1, current possible/max 482/512, total granted/max/low/range 31/8192/39/31
[2014/03/19 16:57:15.096602, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:3312(smbd_smb2_io_handler)
smbd_smb2_request idx[1] of 5 vectors
[2014/03/19 16:57:15.096769, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:640(smb2_validate_sequence_number)
smb2_validate_sequence_number: clearing id 39 (position 39) from bitmap
[2014/03/19 16:57:15.096886, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1923(smbd_smb2_request_dispatch)
smbd_smb2_request_dispatch: opcode[SMB2_OP_CREATE] mid = 39
[2014/03/19 16:57:15.097125, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/uid.c:384(change_to_user)
Skipping user change - already user
[2014/03/19 16:57:15.097255, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_create.c:447(smbd_smb2_create_send)
smbd_smb2_create: name[spoolss]
[2014/03/19 16:57:15.097373, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap.c:178(dbwrap_check_lock_order)
check lock order 1 for /var/lib/samba/smbXsrv_open_global.tdb
[2014/03/19 16:57:15.097458, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order)
lock order: 1:/var/lib/samba/smbXsrv_open_global.tdb 2:<none> 3:<none>
[2014/03/19 16:57:15.097581, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key)
Locking key 0B1A8CE2
[2014/03/19 16:57:15.097683, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap_tdb.c:143(db_tdb_fetch_locked_internal)
Allocated locked data 0x0x7f5de586c220
[2014/03/19 16:57:15.097831, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smbXsrv_open.c:698(smbXsrv_open_global_store)
smbXsrv_open_global_store: key '0B1A8CE2' stored
[2014/03/19 16:57:15.098118, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:402(ndr_print_debug)
&global_blob: struct smbXsrv_open_globalB
version : SMBXSRV_VERSION_0 (0)
seqnum : 0x00000001 (1)
info : union smbXsrv_open_globalU(case 0)
info0 : *
info0: struct smbXsrv_open_global0
db_rec : *
server_id: struct server_id
pid : 0x0000000000006088 (24712)
task_id : 0x00000000 (0)
vnn : 0xffffffff (4294967295)
unique_id : 0xbaf687627b33e8dd (-4974639881340589859)
open_global_id : 0x0b1a8ce2 (186289378)
open_persistent_id : 0x000000000b1a8ce2 (186289378)
open_volatile_id : 0x00000000f563c037 (4116955191)
open_owner : S-1-5-21-2999458101-3634337955-1355572417-500
open_time : Wed Mar 19 04:57:15 PM 2014 CET
create_guid : 00000000-0000-0000-0000-000000000000
client_guid : fb516d75-adcf-11e3-a4ab-0800274a4c7e
app_instance_id : 00000000-0000-0000-0000-000000000000
disconnect_time : NTTIME(0)
durable_timeout_msec : 0x00000000 (0)
durable : 0x00 (0)
backend_cookie : DATA_BLOB length=0
[2014/03/19 16:57:15.099075, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key)
Unlocking key 0B1A8CE2
[2014/03/19 16:57:15.099150, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap.c:146(dbwrap_lock_order_state_destructor)
release lock order 1 for /var/lib/samba/smbXsrv_open_global.tdb
[2014/03/19 16:57:15.099203, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order)
lock order: 1:<none> 2:<none> 3:<none>
[2014/03/19 16:57:15.099256, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smbXsrv_open.c:871(smbXsrv_open_create)
smbXsrv_open_create: global_id (0x0b1a8ce2) stored
[2014/03/19 16:57:15.099317, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:402(ndr_print_debug)
&open_blob: struct smbXsrv_openB
version : SMBXSRV_VERSION_0 (0)
reserved : 0x00000000 (0)
info : union smbXsrv_openU(case 0)
info0 : *
info0: struct smbXsrv_open
table : *
db_rec : NULL
local_id : 0xf563c037 (4116955191)
global : *
global: struct smbXsrv_open_global0
db_rec : NULL
server_id: struct server_id
pid : 0x0000000000006088 (24712)
task_id : 0x00000000 (0)
vnn : 0xffffffff (4294967295)
unique_id : 0xbaf687627b33e8dd (-4974639881340589859)
open_global_id : 0x0b1a8ce2 (186289378)
open_persistent_id : 0x000000000b1a8ce2 (186289378)
open_volatile_id : 0x00000000f563c037 (4116955191)
open_owner : S-1-5-21-2999458101-3634337955-1355572417-500
open_time : Wed Mar 19 04:57:15 PM 2014 CET
create_guid : 00000000-0000-0000-0000-000000000000
client_guid : fb516d75-adcf-11e3-a4ab-0800274a4c7e
app_instance_id : 00000000-0000-0000-0000-000000000000
disconnect_time : NTTIME(0)
durable_timeout_msec : 0x00000000 (0)
durable : 0x00 (0)
backend_cookie : DATA_BLOB length=0
status : NT_STATUS_OK
idle_time : Wed Mar 19 04:57:15 PM 2014 CET
compat : NULL
[2014/03/19 16:57:15.100070, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/files.c:125(file_new)
allocated file structure fnum 4116955191 (1 used)
[2014/03/19 16:57:15.100144, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/files.c:752(file_name_hash)
file_name_hash: /tmp/spoolss hash 0x7d4e46e5
[2014/03/19 16:57:15.100217, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_ncacn_np.c:89(make_internal_rpc_pipe_socketpair)
Create of internal pipe spoolss requested
[2014/03/19 16:57:15.100397, 8, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/dosmode.c:698(dos_mode)
dos_mode: spoolss
[2014/03/19 16:57:15.100466, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_create.c:1090(smbd_smb2_create_send)
smbd_smb2_create_send: spoolss - fnum 4116955191
[2014/03/19 16:57:15.100530, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:2548(smbd_smb2_request_done_ex)
smbd_smb2_request_done_ex: idx[1] status[NT_STATUS_OK] body[88] dyn[yes:0] at ../source3/smbd/smb2_create.c:364
[2014/03/19 16:57:15.100616, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:893(smb2_set_operation_credit)
smb2_set_operation_credit: requested 1, charge 1, granted 1, current possible/max 482/512, total granted/max/low/range 31/8192/40/31
[2014/03/19 16:57:15.101348, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:3312(smbd_smb2_io_handler)
smbd_smb2_request idx[1] of 5 vectors
[2014/03/19 16:57:15.101425, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:640(smb2_validate_sequence_number)
smb2_validate_sequence_number: clearing id 40 (position 40) from bitmap
[2014/03/19 16:57:15.101482, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1923(smbd_smb2_request_dispatch)
smbd_smb2_request_dispatch: opcode[SMB2_OP_WRITE] mid = 40
[2014/03/19 16:57:15.101564, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/uid.c:384(change_to_user)
Skipping user change - already user
[2014/03/19 16:57:15.101627, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1825(smbd_smb2_request_verify_creditcharge)
mid 40, CreditCharge: 1, NeededCharge: 1
[2014/03/19 16:57:15.101683, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_write.c:271(smbd_smb2_write_send)
smbd_smb2_write: spoolss - fnum 4116955191
[2014/03/19 16:57:15.101761, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe_hnd.c:172(np_write_send)
np_write_send: len: 160
smbd_smb2_request_pending_queue: req->current_idx = 1
req->in.vector[0].iov_len = 0
req->in.vector[1].iov_len = 0
req->in.vector[2].iov_len = 64
req->in.vector[3].iov_len = 48
req->in.vector[4].iov_len = 160
req->out.vector[0].iov_len = 4
req->out.vector[1].iov_len = 0
req->out.vector[2].iov_len = 64
req->out.vector[3].iov_len = 8
req->out.vector[4].iov_len = 0
[2014/03/19 16:57:15.102104, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:2548(smbd_smb2_request_done_ex)
smbd_smb2_request_done_ex: idx[1] status[NT_STATUS_OK] body[16] dyn[yes:0] at ../source3/smbd/smb2_write.c:150
[2014/03/19 16:57:15.102175, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:893(smb2_set_operation_credit)
smb2_set_operation_credit: requested 1, charge 1, granted 1, current possible/max 482/512, total granted/max/low/range 31/8192/41/31
[2014/03/19 16:57:15.102404, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/rpc_server/rpc_server.c:441(named_pipe_packet_process)
PDU is in Little Endian format!
[2014/03/19 16:57:15.102514, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1564(process_complete_pdu)
Processing packet type 11
[2014/03/19 16:57:15.102694, 3, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:598(api_pipe_bind_req)
api_pipe_bind_req: spoolss -> spoolss rpc service
[2014/03/19 16:57:15.102760, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:631(api_pipe_bind_req)
api_pipe_bind_req: make response. 631
[2014/03/19 16:57:15.102813, 3, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:343(check_bind_req)
check_bind_req for spoolss
[2014/03/19 16:57:15.102868, 3, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:350(check_bind_req)
check_bind_req: spoolss -> spoolss rpc service
[2014/03/19 16:57:15.102921, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:223(init_pipe_handles)
init_pipe_handle_list: created handle list for pipe spoolss
[2014/03/19 16:57:15.102974, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:240(init_pipe_handles)
init_pipe_handle_list: pipe_handles ref count = 1 for pipe spoolss
[2014/03/19 16:57:15.103072, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:402(ndr_print_debug)
&r: struct ncacn_packet
rpc_vers : 0x05 (5)
rpc_vers_minor : 0x00 (0)
ptype : DCERPC_PKT_BIND_ACK (12)
pfc_flags : 0x03 (3)
1: DCERPC_PFC_FLAG_FIRST
1: DCERPC_PFC_FLAG_LAST
0: DCERPC_PFC_FLAG_PENDING_CANCEL_OR_HDR_SIGNING
0: DCERPC_PFC_FLAG_CONC_MPX
0: DCERPC_PFC_FLAG_DID_NOT_EXECUTE
0: DCERPC_PFC_FLAG_MAYBE
0: DCERPC_PFC_FLAG_OBJECT_UUID
drep: ARRAY(4)
[0] : 0x10 (16)
[1] : 0x00 (0)
[2] : 0x00 (0)
[3] : 0x00 (0)
frag_length : 0x0044 (68)
auth_length : 0x0000 (0)
call_id : 0x00000002 (2)
u : union dcerpc_payload(case 12)
bind_ack: struct dcerpc_bind_ack
max_xmit_frag : 0x10b8 (4280)
max_recv_frag : 0x10b8 (4280)
assoc_group_id : 0x000053f0 (21488)
secondary_address_size : 0x000e (14)
secondary_address : '\PIPE\spoolss'
_pad1 : DATA_BLOB length=0
num_results : 0x01 (1)
ctx_list: ARRAY(1)
ctx_list: struct dcerpc_ack_ctx
result : DCERPC_BIND_ACK_RESULT_ACCEPTANCE (0)
reason : union dcerpc_bind_ack_reason(case 0)
value : DCERPC_BIND_ACK_REASON_NOT_SPECIFIED (0)
syntax: struct ndr_syntax_id
uuid : 8a885d04-1ceb-11c9-9fe8-08002b104860
if_version : 0x00000002 (2)
auth_info : DATA_BLOB length=0
[2014/03/19 16:57:15.103893, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/rpc_server/rpc_server.c:509(named_pipe_packet_process)
Sending 1 fragments in a total of 0 bytes
[2014/03/19 16:57:15.103948, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/rpc_server/rpc_server.c:514(named_pipe_packet_process)
Sending PDU number: 0, PDU Length: 68
[2014/03/19 16:57:15.104125, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:3312(smbd_smb2_io_handler)
smbd_smb2_request idx[1] of 5 vectors
[2014/03/19 16:57:15.104188, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:640(smb2_validate_sequence_number)
smb2_validate_sequence_number: clearing id 41 (position 41) from bitmap
[2014/03/19 16:57:15.104241, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1923(smbd_smb2_request_dispatch)
smbd_smb2_request_dispatch: opcode[SMB2_OP_READ] mid = 41
[2014/03/19 16:57:15.104734, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/uid.c:384(change_to_user)
Skipping user change - already user
[2014/03/19 16:57:15.104797, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1825(smbd_smb2_request_verify_creditcharge)
mid 41, CreditCharge: 1, NeededCharge: 1
[2014/03/19 16:57:15.104854, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_read.c:399(smbd_smb2_read_send)
smbd_smb2_read: spoolss - fnum 4116955191
smbd_smb2_request_pending_queue: req->current_idx = 1
req->in.vector[0].iov_len = 0
req->in.vector[1].iov_len = 0
req->in.vector[2].iov_len = 64
req->in.vector[3].iov_len = 48
req->in.vector[4].iov_len = 1
req->out.vector[0].iov_len = 4
req->out.vector[1].iov_len = 0
req->out.vector[2].iov_len = 64
req->out.vector[3].iov_len = 8
req->out.vector[4].iov_len = 0
[2014/03/19 16:57:15.105142, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe_hnd.c:417(np_read_recv)
Received 68 bytes. There is no more data outstanding
[2014/03/19 16:57:15.105223, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:2548(smbd_smb2_request_done_ex)
smbd_smb2_request_done_ex: idx[1] status[NT_STATUS_OK] body[16] dyn[yes:68] at ../source3/smbd/smb2_read.c:154
[2014/03/19 16:57:15.105283, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:893(smb2_set_operation_credit)
smb2_set_operation_credit: requested 1, charge 1, granted 1, current possible/max 482/512, total granted/max/low/range 31/8192/42/31
[2014/03/19 16:57:15.106097, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:3312(smbd_smb2_io_handler)
smbd_smb2_request idx[1] of 5 vectors
[2014/03/19 16:57:15.106168, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:640(smb2_validate_sequence_number)
smb2_validate_sequence_number: clearing id 42 (position 42) from bitmap
[2014/03/19 16:57:15.106225, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1923(smbd_smb2_request_dispatch)
smbd_smb2_request_dispatch: opcode[SMB2_OP_IOCTL] mid = 42
[2014/03/19 16:57:15.106308, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/uid.c:384(change_to_user)
Skipping user change - already user
[2014/03/19 16:57:15.106372, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1825(smbd_smb2_request_verify_creditcharge)
mid 42, CreditCharge: 1, NeededCharge: 1
[2014/03/19 16:57:15.106454, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl.c:394(smbd_smb2_ioctl_send)
smbd_smb2_ioctl: ctl_code[0x0011c017] spoolss, fnum 4116955191
[2014/03/19 16:57:15.106515, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl_named_pipe.c:61(smb2_ioctl_named_pipe)
smbd_smb2_ioctl_send: np_write_send of size 194
[2014/03/19 16:57:15.106569, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe_hnd.c:172(np_write_send)
np_write_send: len: 194
smbd_smb2_request_pending_queue: req->current_idx = 1
req->in.vector[0].iov_len = 0
req->in.vector[1].iov_len = 0
req->in.vector[2].iov_len = 64
req->in.vector[3].iov_len = 56
req->in.vector[4].iov_len = 194
req->out.vector[0].iov_len = 4
req->out.vector[1].iov_len = 0
req->out.vector[2].iov_len = 64
req->out.vector[3].iov_len = 8
req->out.vector[4].iov_len = 0
[2014/03/19 16:57:15.106870, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl_named_pipe.c:119(smbd_smb2_ioctl_pipe_write_done)
smbd_smb2_ioctl_pipe_write_done: received 194
[2014/03/19 16:57:15.106955, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl_named_pipe.c:140(smbd_smb2_ioctl_pipe_write_done)
smbd_smb2_ioctl_pipe_write_done: issuing np_read_send of size 1024
[2014/03/19 16:57:15.107141, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/rpc_server/rpc_server.c:441(named_pipe_packet_process)
PDU is in Little Endian format!
[2014/03/19 16:57:15.107208, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1564(process_complete_pdu)
Processing packet type 0
[2014/03/19 16:57:15.107263, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1439(dcesrv_auth_request)
Checking request auth.
[2014/03/19 16:57:15.107326, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/sec_ctx.c:216(push_sec_ctx)
push_sec_ctx(100000500, 100000513) : sec_ctx_stack_ndx = 1
[2014/03/19 16:57:15.107391, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/sec_ctx.c:316(set_sec_ctx)
setting sec ctx (100000500, 100000513) - sec_ctx_stack_ndx = 1
[2014/03/19 16:57:15.107461, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../libcli/security/security_token.c:63(security_token_debug)
Security token SIDs (21):
SID[ 0]: S-1-5-21-2999458101-3634337955-1355572417-500
SID[ 1]: S-1-5-21-2999458101-3634337955-1355572417-513
SID[ 2]: S-1-5-21-2999458101-3634337955-1355572417-520
SID[ 3]: S-1-5-21-2999458101-3634337955-1355572417-512
SID[ 4]: S-1-18-1
SID[ 5]: S-1-1-0
SID[ 6]: S-1-5-2
SID[ 7]: S-1-5-11
SID[ 8]: S-1-5-32-545
SID[ 9]: S-1-5-32-544
SID[ 10]: S-1-22-1-100000500
SID[ 11]: S-1-22-2-100000500
SID[ 12]: S-1-22-2-100000513
SID[ 13]: S-1-22-2-100000520
SID[ 14]: S-1-22-2-100000512
SID[ 15]: S-1-22-2-1000008
SID[ 16]: S-1-22-2-1000002
SID[ 17]: S-1-22-2-1000003
SID[ 18]: S-1-22-2-1000009
SID[ 19]: S-1-22-2-1000001
SID[ 20]: S-1-22-2-1000000
Privileges (0x 1FFFFFF0):
Privilege[ 0]: SeMachineAccountPrivilege
Privilege[ 1]: SeTakeOwnershipPrivilege
Privilege[ 2]: SeBackupPrivilege
Privilege[ 3]: SeRestorePrivilege
Privilege[ 4]: SeRemoteShutdownPrivilege
Privilege[ 5]: SePrintOperatorPrivilege
Privilege[ 6]: SeAddUsersPrivilege
Privilege[ 7]: SeDiskOperatorPrivilege
Privilege[ 8]: SeSecurityPrivilege
Privilege[ 9]: SeSystemtimePrivilege
Privilege[ 10]: SeShutdownPrivilege
Privilege[ 11]: SeDebugPrivilege
Privilege[ 12]: SeSystemEnvironmentPrivilege
Privilege[ 13]: SeSystemProfilePrivilege
Privilege[ 14]: SeProfileSingleProcessPrivilege
Privilege[ 15]: SeIncreaseBasePriorityPrivilege
Privilege[ 16]: SeLoadDriverPrivilege
Privilege[ 17]: SeCreatePagefilePrivilege
Privilege[ 18]: SeIncreaseQuotaPrivilege
Privilege[ 19]: SeChangeNotifyPrivilege
Privilege[ 20]: SeUndockPrivilege
Privilege[ 21]: SeManageVolumePrivilege
Privilege[ 22]: SeImpersonatePrivilege
Privilege[ 23]: SeCreateGlobalPrivilege
Privilege[ 24]: SeEnableDelegationPrivilege
Rights (0x 0):
[2014/03/19 16:57:15.108849, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/auth/token_util.c:528(debug_unix_user_token)
UNIX token of user 100000500
Primary group is 100000513 and contains 10 supplementary groups
Group[ 0]: 100000500
Group[ 1]: 100000513
Group[ 2]: 100000520
Group[ 3]: 100000512
Group[ 4]: 1000008
Group[ 5]: 1000002
Group[ 6]: 1000003
Group[ 7]: 1000009
Group[ 8]: 1000001
Group[ 9]: 1000000
[2014/03/19 16:57:15.109078, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/uid.c:452(smbd_become_authenticated_pipe_user)
Impersonated user: uid=(100000500,100000500), gid=(0,100000513)
[2014/03/19 16:57:15.109127, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1292(api_pipe_request)
Requested spoolss rpc service
[2014/03/19 16:57:15.109172, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1317(api_rpcTNP)
api_rpcTNP: spoolss op 0x45 - api_rpcTNP: rpc command: SPOOLSS_OPENPRINTEREX
[2014/03/19 16:57:15.109205, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1357(api_rpcTNP)
api_rpc_cmds[69].fn == 0x7f5de3038ac3
[2014/03/19 16:57:15.109245, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug)
spoolss_OpenPrinterEx: struct spoolss_OpenPrinterEx
in: struct spoolss_OpenPrinterEx
printername : *
printername : '\\samba'
datatype : NULL
devmode_ctr: struct spoolss_DevmodeContainer
_ndr_size : 0x00000000 (0)
devmode : NULL
access_mask : 0x00020002 (131074)
0: SERVER_ACCESS_ADMINISTER
1: SERVER_ACCESS_ENUMERATE
0: PRINTER_ACCESS_ADMINISTER
0: PRINTER_ACCESS_USE
0: JOB_ACCESS_ADMINISTER
0: JOB_ACCESS_READ
userlevel_ctr: struct spoolss_UserLevelCtr
level : 0x00000001 (1)
user_info : union spoolss_UserLevel(case 1)
level1 : *
level1: struct spoolss_UserLevel1
size : 0x00000028 (40)
client : *
client : 'WIN7CLI'
user : *
user : 'LEVEL1\Administrator'
build : 0x00001db1 (7601)
major : UNKNOWN_ENUM_VALUE (3)
minor : SPOOLSS_MINOR_VERSION_0 (0)
processor : PROCESSOR_ARCHITECTURE_AMD64 (9)
checking name: \\samba
[2014/03/19 16:57:15.109569, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/spoolss/srv_spoolss_nt.c:739(open_printer_hnd)
open_printer_hnd: name [\\samba]
[2014/03/19 16:57:15.109601, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:304(create_rpc_handle_internal)
Opened policy hnd[1] [0000] 00 00 00 00 16 00 00 00 00 00 00 00 29 53 5B BE ........ ....)S[.
[0010] 88 60 00 00 .`..
[2014/03/19 16:57:15.109664, 3, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/spoolss/srv_spoolss_nt.c:507(set_printer_hnd_printertype)
Setting printer type=\\samba
Printer is a print server
[2014/03/19 16:57:15.109703, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/spoolss/srv_spoolss_nt.c:567(set_printer_hnd_name)
Setting printer name=\\samba (len=7)
[2014/03/19 16:57:15.109736, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/spoolss/srv_spoolss_nt.c:775(open_printer_hnd)
1 printer handles active
[2014/03/19 16:57:15.109765, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal)
Found policy hnd[0] [0000] 00 00 00 00 16 00 00 00 00 00 00 00 29 53 5B BE ........ ....)S[.
[0010] 88 60 00 00 .`..
[2014/03/19 16:57:15.109815, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/spoolss/srv_spoolss_nt.c:1838(_spoolss_OpenPrinterEx)
Setting print server access = SERVER_ACCESS_ENUMERATE
[2014/03/19 16:57:15.109842, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug)
spoolss_OpenPrinterEx: struct spoolss_OpenPrinterEx
out: struct spoolss_OpenPrinterEx
handle : *
handle: struct policy_handle
handle_type : 0x00000000 (0)
uuid : 00000016-0000-0000-2953-5bbe88600000
result : WERR_OK
[2014/03/19 16:57:15.109952, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1384(api_rpcTNP)
api_rpcTNP: called spoolss successfully
[2014/03/19 16:57:15.109991, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/sec_ctx.c:424(pop_sec_ctx)
pop_sec_ctx (100000500, 100000513) - sec_ctx_stack_ndx = 0
[2014/03/19 16:57:15.110065, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:402(ndr_print_debug)
&r: struct ncacn_packet
rpc_vers : 0x05 (5)
rpc_vers_minor : 0x00 (0)
ptype : DCERPC_PKT_RESPONSE (2)
pfc_flags : 0x03 (3)
1: DCERPC_PFC_FLAG_FIRST
1: DCERPC_PFC_FLAG_LAST
0: DCERPC_PFC_FLAG_PENDING_CANCEL_OR_HDR_SIGNING
0: DCERPC_PFC_FLAG_CONC_MPX
0: DCERPC_PFC_FLAG_DID_NOT_EXECUTE
0: DCERPC_PFC_FLAG_MAYBE
0: DCERPC_PFC_FLAG_OBJECT_UUID
drep: ARRAY(4)
[0] : 0x10 (16)
[1] : 0x00 (0)
[2] : 0x00 (0)
[3] : 0x00 (0)
frag_length : 0x0030 (48)
auth_length : 0x0000 (0)
call_id : 0x00000002 (2)
u : union dcerpc_payload(case 2)
response: struct dcerpc_response
alloc_hint : 0x00000018 (24)
context_id : 0x0000 (0)
cancel_count : 0x00 (0)
_pad : DATA_BLOB length=0
stub_and_verifier : DATA_BLOB length=24
[0000] 00 00 00 00 16 00 00 00 00 00 00 00 29 53 5B BE ........ ....)S[.
[0010] 88 60 00 00 00 00 00 00 .`......
[2014/03/19 16:57:15.110398, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/rpc_server/rpc_server.c:509(named_pipe_packet_process)
Sending 1 fragments in a total of 24 bytes
[2014/03/19 16:57:15.110428, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/rpc_server/rpc_server.c:514(named_pipe_packet_process)
Sending PDU number: 0, PDU Length: 48
[2014/03/19 16:57:15.110476, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1459(smbd_smb2_request_pending_timer)
smbd_smb2_request_pending_queue: opcode[SMB2_OP_IOCTL] mid 42 going async
[2014/03/19 16:57:15.110509, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:893(smb2_set_operation_credit)
smb2_set_operation_credit: requested 1, charge 1, granted 1, current possible/max 482/512, total granted/max/low/range 31/8192/43/31
[2014/03/19 16:57:15.110541, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1554(smbd_smb2_request_pending_timer)
state->vector[0/5].iov_len = 4
state->vector[1/5].iov_len = 0
state->vector[2/5].iov_len = 64
state->vector[3/5].iov_len = 8
state->vector[4/5].iov_len = 1
[2014/03/19 16:57:15.110695, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe_hnd.c:417(np_read_recv)
Received 48 bytes. There is no more data outstanding
[2014/03/19 16:57:15.110730, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl_named_pipe.c:169(smbd_smb2_ioctl_pipe_read_done)
smbd_smb2_ioctl_pipe_read_done: np_read_recv nread = 48 is_data_outstanding = 0, status = NT_STATUS_OK
[2014/03/19 16:57:15.110762, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl.c:291(smbd_smb2_request_ioctl_done)
smbd_smb2_request_ioctl_done: smbd_smb2_ioctl_recv returned 48 status NT_STATUS_OK
[2014/03/19 16:57:15.110791, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:2548(smbd_smb2_request_done_ex)
smbd_smb2_request_done_ex: idx[1] status[NT_STATUS_OK] body[48] dyn[yes:48] at ../source3/smbd/smb2_ioctl.c:358
[2014/03/19 16:57:15.110822, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:893(smb2_set_operation_credit)
smb2_set_operation_credit: requested 1, charge 1, granted 0, current possible/max 481/512, total granted/max/low/range 31/8192/43/31
[2014/03/19 16:57:15.111321, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:3312(smbd_smb2_io_handler)
smbd_smb2_request idx[1] of 5 vectors
[2014/03/19 16:57:15.111359, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:640(smb2_validate_sequence_number)
smb2_validate_sequence_number: clearing id 43 (position 43) from bitmap
[2014/03/19 16:57:15.111401, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1923(smbd_smb2_request_dispatch)
smbd_smb2_request_dispatch: opcode[SMB2_OP_IOCTL] mid = 43
[2014/03/19 16:57:15.111436, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/uid.c:384(change_to_user)
Skipping user change - already user
[2014/03/19 16:57:15.111479, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1825(smbd_smb2_request_verify_creditcharge)
mid 43, CreditCharge: 1, NeededCharge: 1
[2014/03/19 16:57:15.111510, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl.c:394(smbd_smb2_ioctl_send)
smbd_smb2_ioctl: ctl_code[0x0011c017] spoolss, fnum 4116955191
[2014/03/19 16:57:15.111557, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl_named_pipe.c:61(smb2_ioctl_named_pipe)
smbd_smb2_ioctl_send: np_write_send of size 88
[2014/03/19 16:57:15.111607, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe_hnd.c:172(np_write_send)
np_write_send: len: 88
smbd_smb2_request_pending_queue: req->current_idx = 1
req->in.vector[0].iov_len = 0
req->in.vector[1].iov_len = 0
req->in.vector[2].iov_len = 64
req->in.vector[3].iov_len = 56
req->in.vector[4].iov_len = 88
req->out.vector[0].iov_len = 4
req->out.vector[1].iov_len = 0
req->out.vector[2].iov_len = 64
req->out.vector[3].iov_len = 8
req->out.vector[4].iov_len = 0
[2014/03/19 16:57:15.111756, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl_named_pipe.c:119(smbd_smb2_ioctl_pipe_write_done)
smbd_smb2_ioctl_pipe_write_done: received 88
[2014/03/19 16:57:15.111801, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl_named_pipe.c:140(smbd_smb2_ioctl_pipe_write_done)
smbd_smb2_ioctl_pipe_write_done: issuing np_read_send of size 1024
[2014/03/19 16:57:15.111861, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/rpc_server/rpc_server.c:441(named_pipe_packet_process)
PDU is in Little Endian format!
[2014/03/19 16:57:15.111892, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1564(process_complete_pdu)
Processing packet type 0
[2014/03/19 16:57:15.111918, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1439(dcesrv_auth_request)
Checking request auth.
[2014/03/19 16:57:15.111946, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/sec_ctx.c:216(push_sec_ctx)
push_sec_ctx(100000500, 100000513) : sec_ctx_stack_ndx = 1
[2014/03/19 16:57:15.111975, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/sec_ctx.c:316(set_sec_ctx)
setting sec ctx (100000500, 100000513) - sec_ctx_stack_ndx = 1
[2014/03/19 16:57:15.112035, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../libcli/security/security_token.c:63(security_token_debug)
Security token SIDs (21):
SID[ 0]: S-1-5-21-2999458101-3634337955-1355572417-500
SID[ 1]: S-1-5-21-2999458101-3634337955-1355572417-513
SID[ 2]: S-1-5-21-2999458101-3634337955-1355572417-520
SID[ 3]: S-1-5-21-2999458101-3634337955-1355572417-512
SID[ 4]: S-1-18-1
SID[ 5]: S-1-1-0
SID[ 6]: S-1-5-2
SID[ 7]: S-1-5-11
SID[ 8]: S-1-5-32-545
SID[ 9]: S-1-5-32-544
SID[ 10]: S-1-22-1-100000500
SID[ 11]: S-1-22-2-100000500
SID[ 12]: S-1-22-2-100000513
SID[ 13]: S-1-22-2-100000520
SID[ 14]: S-1-22-2-100000512
SID[ 15]: S-1-22-2-1000008
SID[ 16]: S-1-22-2-1000002
SID[ 17]: S-1-22-2-1000003
SID[ 18]: S-1-22-2-1000009
SID[ 19]: S-1-22-2-1000001
SID[ 20]: S-1-22-2-1000000
Privileges (0x 1FFFFFF0):
Privilege[ 0]: SeMachineAccountPrivilege
Privilege[ 1]: SeTakeOwnershipPrivilege
Privilege[ 2]: SeBackupPrivilege
Privilege[ 3]: SeRestorePrivilege
Privilege[ 4]: SeRemoteShutdownPrivilege
Privilege[ 5]: SePrintOperatorPrivilege
Privilege[ 6]: SeAddUsersPrivilege
Privilege[ 7]: SeDiskOperatorPrivilege
Privilege[ 8]: SeSecurityPrivilege
Privilege[ 9]: SeSystemtimePrivilege
Privilege[ 10]: SeShutdownPrivilege
Privilege[ 11]: SeDebugPrivilege
Privilege[ 12]: SeSystemEnvironmentPrivilege
Privilege[ 13]: SeSystemProfilePrivilege
Privilege[ 14]: SeProfileSingleProcessPrivilege
Privilege[ 15]: SeIncreaseBasePriorityPrivilege
Privilege[ 16]: SeLoadDriverPrivilege
Privilege[ 17]: SeCreatePagefilePrivilege
Privilege[ 18]: SeIncreaseQuotaPrivilege
Privilege[ 19]: SeChangeNotifyPrivilege
Privilege[ 20]: SeUndockPrivilege
Privilege[ 21]: SeManageVolumePrivilege
Privilege[ 22]: SeImpersonatePrivilege
Privilege[ 23]: SeCreateGlobalPrivilege
Privilege[ 24]: SeEnableDelegationPrivilege
Rights (0x 0):
[2014/03/19 16:57:15.112531, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/auth/token_util.c:528(debug_unix_user_token)
UNIX token of user 100000500
Primary group is 100000513 and contains 10 supplementary groups
Group[ 0]: 100000500
Group[ 1]: 100000513
Group[ 2]: 100000520
Group[ 3]: 100000512
Group[ 4]: 1000008
Group[ 5]: 1000002
Group[ 6]: 1000003
Group[ 7]: 1000009
Group[ 8]: 1000001
Group[ 9]: 1000000
[2014/03/19 16:57:15.112678, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/uid.c:452(smbd_become_authenticated_pipe_user)
Impersonated user: uid=(100000500,100000500), gid=(0,100000513)
[2014/03/19 16:57:15.112710, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1292(api_pipe_request)
Requested spoolss rpc service
[2014/03/19 16:57:15.112767, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1317(api_rpcTNP)
api_rpcTNP: spoolss op 0x1a - api_rpcTNP: rpc command: SPOOLSS_GETPRINTERDATA
[2014/03/19 16:57:15.112800, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1357(api_rpcTNP)
api_rpc_cmds[26].fn == 0x7f5de30310d9
[2014/03/19 16:57:15.112835, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug)
spoolss_GetPrinterData: struct spoolss_GetPrinterData
in: struct spoolss_GetPrinterData
handle : *
handle: struct policy_handle
handle_type : 0x00000000 (0)
uuid : 00000016-0000-0000-2953-5bbe88600000
value_name : 'Architecture'
offered : 0x00000208 (520)
[2014/03/19 16:57:15.112939, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal)
Found policy hnd[0] [0000] 00 00 00 00 16 00 00 00 00 00 00 00 29 53 5B BE ........ ....)S[.
[0010] 88 60 00 00 .`..
[2014/03/19 16:57:15.112989, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/spoolss/srv_spoolss_nt.c:9502(_spoolss_GetPrinterDataEx)
_spoolss_GetPrinterDataEx
[2014/03/19 16:57:15.113072, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/spoolss/srv_spoolss_nt.c:9505(_spoolss_GetPrinterDataEx)
_spoolss_GetPrinterDataEx: key => [PrinterDriverData], value => [Architecture]
[2014/03/19 16:57:15.113112, 8, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/spoolss/srv_spoolss_nt.c:2282(getprinterdata_printer_server)
getprinterdata_printer_server:Architecture
[2014/03/19 16:57:15.113151, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug)
spoolss_GetPrinterData: struct spoolss_GetPrinterData
out: struct spoolss_GetPrinterData
type : *
type : REG_SZ (1)
data : *
data: ARRAY(520)
[0] : 0x57 (87)
[1] : 0x00 (0)
[2] : 0x69 (105)
[3] : 0x00 (0)
[4] : 0x6e (110)
[5] : 0x00 (0)
[6] : 0x64 (100)
[7] : 0x00 (0)
[8] : 0x6f (111)
[9] : 0x00 (0)
[10] : 0x77 (119)
[11] : 0x00 (0)
[12] : 0x73 (115)
[13] : 0x00 (0)
[14] : 0x20 (32)
[15] : 0x00 (0)
[16] : 0x4e (78)
[17] : 0x00 (0)
[18] : 0x54 (84)
[19] : 0x00 (0)
[20] : 0x20 (32)
[21] : 0x00 (0)
[22] : 0x78 (120)
[23] : 0x00 (0)
[24] : 0x38 (56)
[25] : 0x00 (0)
[26] : 0x36 (54)
[27] : 0x00 (0)
[28] : 0x00 (0)
[29] : 0x00 (0)
[30] : 0x00 (0)
[31] : 0x00 (0)
[32] : 0x00 (0)
[33] : 0x00 (0)
[34] : 0x00 (0)
[35] : 0x00 (0)
[36] : 0x00 (0)
[37] : 0x00 (0)
[38] : 0x00 (0)
[39] : 0x00 (0)
[40] : 0x00 (0)
[41] : 0x00 (0)
[42] : 0x00 (0)
[43] : 0x00 (0)
[44] : 0x00 (0)
[45] : 0x00 (0)
[46] : 0x00 (0)
[47] : 0x00 (0)
[48] : 0x00 (0)
[49] : 0x00 (0)
[50] : 0x00 (0)
[51] : 0x00 (0)
[52] : 0x00 (0)
[53] : 0x00 (0)
[54] : 0x00 (0)
[55] : 0x00 (0)
[56] : 0x00 (0)
[57] : 0x00 (0)
[58] : 0x00 (0)
[59] : 0x00 (0)
[60] : 0x00 (0)
[61] : 0x00 (0)
[62] : 0x00 (0)
[63] : 0x00 (0)
[64] : 0x00 (0)
[65] : 0x00 (0)
[66] : 0x00 (0)
[67] : 0x00 (0)
[68] : 0x00 (0)
[69] : 0x00 (0)
[70] : 0x00 (0)
[71] : 0x00 (0)
[72] : 0x00 (0)
[73] : 0x00 (0)
[74] : 0x00 (0)
[75] : 0x00 (0)
[76] : 0x00 (0)
[77] : 0x00 (0)
[78] : 0x00 (0)
[79] : 0x00 (0)
[80] : 0x00 (0)
[81] : 0x00 (0)
[82] : 0x00 (0)
[83] : 0x00 (0)
[84] : 0x00 (0)
[85] : 0x00 (0)
[86] : 0x00 (0)
[87] : 0x00 (0)
[88] : 0x00 (0)
[89] : 0x00 (0)
[90] : 0x00 (0)
[91] : 0x00 (0)
[92] : 0x00 (0)
[93] : 0x00 (0)
[94] : 0x00 (0)
[95] : 0x00 (0)
[96] : 0x00 (0)
[97] : 0x00 (0)
[98] : 0x00 (0)
[99] : 0x00 (0)
[100] : 0x00 (0)
[101] : 0x00 (0)
[102] : 0x00 (0)
[103] : 0x00 (0)
[104] : 0x00 (0)
[105] : 0x00 (0)
[106] : 0x00 (0)
[107] : 0x00 (0)
[108] : 0x00 (0)
[109] : 0x00 (0)
[110] : 0x00 (0)
[111] : 0x00 (0)
[112] : 0x00 (0)
[113] : 0x00 (0)
[114] : 0x00 (0)
[115] : 0x00 (0)
[116] : 0x00 (0)
[117] : 0x00 (0)
[118] : 0x00 (0)
[119] : 0x00 (0)
[120] : 0x00 (0)
[121] : 0x00 (0)
[122] : 0x00 (0)
[123] : 0x00 (0)
[124] : 0x00 (0)
[125] : 0x00 (0)
[126] : 0x00 (0)
[127] : 0x00 (0)
[128] : 0x00 (0)
[129] : 0x00 (0)
[130] : 0x00 (0)
[131] : 0x00 (0)
[132] : 0x00 (0)
[133] : 0x00 (0)
[134] : 0x00 (0)
[135] : 0x00 (0)
[136] : 0x00 (0)
[137] : 0x00 (0)
[138] : 0x00 (0)
[139] : 0x00 (0)
[140] : 0x00 (0)
[141] : 0x00 (0)
[142] : 0x00 (0)
[143] : 0x00 (0)
[144] : 0x00 (0)
[145] : 0x00 (0)
[146] : 0x00 (0)
[147] : 0x00 (0)
[148] : 0x00 (0)
[149] : 0x00 (0)
[150] : 0x00 (0)
[151] : 0x00 (0)
[152] : 0x00 (0)
[153] : 0x00 (0)
[154] : 0x00 (0)
[155] : 0x00 (0)
[156] : 0x00 (0)
[157] : 0x00 (0)
[158] : 0x00 (0)
[159] : 0x00 (0)
[160] : 0x00 (0)
[161] : 0x00 (0)
[162] : 0x00 (0)
[163] : 0x00 (0)
[164] : 0x00 (0)
[165] : 0x00 (0)
[166] : 0x00 (0)
[167] : 0x00 (0)
[168] : 0x00 (0)
[169] : 0x00 (0)
[170] : 0x00 (0)
[171] : 0x00 (0)
[172] : 0x00 (0)
[173] : 0x00 (0)
[174] : 0x00 (0)
[175] : 0x00 (0)
[176] : 0x00 (0)
[177] : 0x00 (0)
[178] : 0x00 (0)
[179] : 0x00 (0)
[180] : 0x00 (0)
[181] : 0x00 (0)
[182] : 0x00 (0)
[183] : 0x00 (0)
[184] : 0x00 (0)
[185] : 0x00 (0)
[186] : 0x00 (0)
[187] : 0x00 (0)
[188] : 0x00 (0)
[189] : 0x00 (0)
[190] : 0x00 (0)
[191] : 0x00 (0)
[192] : 0x00 (0)
[193] : 0x00 (0)
[194] : 0x00 (0)
[195] : 0x00 (0)
[196] : 0x00 (0)
[197] : 0x00 (0)
[198] : 0x00 (0)
[199] : 0x00 (0)
[200] : 0x00 (0)
[201] : 0x00 (0)
[202] : 0x00 (0)
[203] : 0x00 (0)
[204] : 0x00 (0)
[205] : 0x00 (0)
[206] : 0x00 (0)
[207] : 0x00 (0)
[208] : 0x00 (0)
[209] : 0x00 (0)
[210] : 0x00 (0)
[211] : 0x00 (0)
[212] : 0x00 (0)
[213] : 0x00 (0)
[214] : 0x00 (0)
[215] : 0x00 (0)
[216] : 0x00 (0)
[217] : 0x00 (0)
[218] : 0x00 (0)
[219] : 0x00 (0)
[220] : 0x00 (0)
[221] : 0x00 (0)
[222] : 0x00 (0)
[223] : 0x00 (0)
[224] : 0x00 (0)
[225] : 0x00 (0)
[226] : 0x00 (0)
[227] : 0x00 (0)
[228] : 0x00 (0)
[229] : 0x00 (0)
[230] : 0x00 (0)
[231] : 0x00 (0)
[232] : 0x00 (0)
[233] : 0x00 (0)
[234] : 0x00 (0)
[235] : 0x00 (0)
[236] : 0x00 (0)
[237] : 0x00 (0)
[238] : 0x00 (0)
[239] : 0x00 (0)
[240] : 0x00 (0)
[241] : 0x00 (0)
[242] : 0x00 (0)
[243] : 0x00 (0)
[244] : 0x00 (0)
[245] : 0x00 (0)
[246] : 0x00 (0)
[247] : 0x00 (0)
[248] : 0x00 (0)
[249] : 0x00 (0)
[250] : 0x00 (0)
[251] : 0x00 (0)
[252] : 0x00 (0)
[253] : 0x00 (0)
[254] : 0x00 (0)
[255] : 0x00 (0)
[256] : 0x00 (0)
[257] : 0x00 (0)
[258] : 0x00 (0)
[259] : 0x00 (0)
[260] : 0x00 (0)
[261] : 0x00 (0)
[262] : 0x00 (0)
[263] : 0x00 (0)
[264] : 0x00 (0)
[265] : 0x00 (0)
[266] : 0x00 (0)
[267] : 0x00 (0)
[268] : 0x00 (0)
[269] : 0x00 (0)
[270] : 0x00 (0)
[271] : 0x00 (0)
[272] : 0x00 (0)
[273] : 0x00 (0)
[274] : 0x00 (0)
[275] : 0x00 (0)
[276] : 0x00 (0)
[277] : 0x00 (0)
[278] : 0x00 (0)
[279] : 0x00 (0)
[280] : 0x00 (0)
[281] : 0x00 (0)
[282] : 0x00 (0)
[283] : 0x00 (0)
[284] : 0x00 (0)
[285] : 0x00 (0)
[286] : 0x00 (0)
[287] : 0x00 (0)
[288] : 0x00 (0)
[289] : 0x00 (0)
[290] : 0x00 (0)
[291] : 0x00 (0)
[292] : 0x00 (0)
[293] : 0x00 (0)
[294] : 0x00 (0)
[295] : 0x00 (0)
[296] : 0x00 (0)
[297] : 0x00 (0)
[298] : 0x00 (0)
[299] : 0x00 (0)
[300] : 0x00 (0)
[301] : 0x00 (0)
[302] : 0x00 (0)
[303] : 0x00 (0)
[304] : 0x00 (0)
[305] : 0x00 (0)
[306] : 0x00 (0)
[307] : 0x00 (0)
[308] : 0x00 (0)
[309] : 0x00 (0)
[310] : 0x00 (0)
[311] : 0x00 (0)
[312] : 0x00 (0)
[313] : 0x00 (0)
[314] : 0x00 (0)
[315] : 0x00 (0)
[316] : 0x00 (0)
[317] : 0x00 (0)
[318] : 0x00 (0)
[319] : 0x00 (0)
[320] : 0x00 (0)
[321] : 0x00 (0)
[322] : 0x00 (0)
[323] : 0x00 (0)
[324] : 0x00 (0)
[325] : 0x00 (0)
[326] : 0x00 (0)
[327] : 0x00 (0)
[328] : 0x00 (0)
[329] : 0x00 (0)
[330] : 0x00 (0)
[331] : 0x00 (0)
[332] : 0x00 (0)
[333] : 0x00 (0)
[334] : 0x00 (0)
[335] : 0x00 (0)
[336] : 0x00 (0)
[337] : 0x00 (0)
[338] : 0x00 (0)
[339] : 0x00 (0)
[340] : 0x00 (0)
[341] : 0x00 (0)
[342] : 0x00 (0)
[343] : 0x00 (0)
[344] : 0x00 (0)
[345] : 0x00 (0)
[346] : 0x00 (0)
[347] : 0x00 (0)
[348] : 0x00 (0)
[349] : 0x00 (0)
[350] : 0x00 (0)
[351] : 0x00 (0)
[352] : 0x00 (0)
[353] : 0x00 (0)
[354] : 0x00 (0)
[355] : 0x00 (0)
[356] : 0x00 (0)
[357] : 0x00 (0)
[358] : 0x00 (0)
[359] : 0x00 (0)
[360] : 0x00 (0)
[361] : 0x00 (0)
[362] : 0x00 (0)
[363] : 0x00 (0)
[364] : 0x00 (0)
[365] : 0x00 (0)
[366] : 0x00 (0)
[367] : 0x00 (0)
[368] : 0x00 (0)
[369] : 0x00 (0)
[370] : 0x00 (0)
[371] : 0x00 (0)
[372] : 0x00 (0)
[373] : 0x00 (0)
[374] : 0x00 (0)
[375] : 0x00 (0)
[376] : 0x00 (0)
[377] : 0x00 (0)
[378] : 0x00 (0)
[379] : 0x00 (0)
[380] : 0x00 (0)
[381] : 0x00 (0)
[382] : 0x00 (0)
[383] : 0x00 (0)
[384] : 0x00 (0)
[385] : 0x00 (0)
[386] : 0x00 (0)
[387] : 0x00 (0)
[388] : 0x00 (0)
[389] : 0x00 (0)
[390] : 0x00 (0)
[391] : 0x00 (0)
[392] : 0x00 (0)
[393] : 0x00 (0)
[394] : 0x00 (0)
[395] : 0x00 (0)
[396] : 0x00 (0)
[397] : 0x00 (0)
[398] : 0x00 (0)
[399] : 0x00 (0)
[400] : 0x00 (0)
[401] : 0x00 (0)
[402] : 0x00 (0)
[403] : 0x00 (0)
[404] : 0x00 (0)
[405] : 0x00 (0)
[406] : 0x00 (0)
[407] : 0x00 (0)
[408] : 0x00 (0)
[409] : 0x00 (0)
[410] : 0x00 (0)
[411] : 0x00 (0)
[412] : 0x00 (0)
[413] : 0x00 (0)
[414] : 0x00 (0)
[415] : 0x00 (0)
[416] : 0x00 (0)
[417] : 0x00 (0)
[418] : 0x00 (0)
[419] : 0x00 (0)
[420] : 0x00 (0)
[421] : 0x00 (0)
[422] : 0x00 (0)
[423] : 0x00 (0)
[424] : 0x00 (0)
[425] : 0x00 (0)
[426] : 0x00 (0)
[427] : 0x00 (0)
[428] : 0x00 (0)
[429] : 0x00 (0)
[430] : 0x00 (0)
[431] : 0x00 (0)
[432] : 0x00 (0)
[433] : 0x00 (0)
[434] : 0x00 (0)
[435] : 0x00 (0)
[436] : 0x00 (0)
[437] : 0x00 (0)
[438] : 0x00 (0)
[439] : 0x00 (0)
[440] : 0x00 (0)
[441] : 0x00 (0)
[442] : 0x00 (0)
[443] : 0x00 (0)
[444] : 0x00 (0)
[445] : 0x00 (0)
[446] : 0x00 (0)
[447] : 0x00 (0)
[448] : 0x00 (0)
[449] : 0x00 (0)
[450] : 0x00 (0)
[451] : 0x00 (0)
[452] : 0x00 (0)
[453] : 0x00 (0)
[454] : 0x00 (0)
[455] : 0x00 (0)
[456] : 0x00 (0)
[457] : 0x00 (0)
[458] : 0x00 (0)
[459] : 0x00 (0)
[460] : 0x00 (0)
[461] : 0x00 (0)
[462] : 0x00 (0)
[463] : 0x00 (0)
[464] : 0x00 (0)
[465] : 0x00 (0)
[466] : 0x00 (0)
[467] : 0x00 (0)
[468] : 0x00 (0)
[469] : 0x00 (0)
[470] : 0x00 (0)
[471] : 0x00 (0)
[472] : 0x00 (0)
[473] : 0x00 (0)
[474] : 0x00 (0)
[475] : 0x00 (0)
[476] : 0x00 (0)
[477] : 0x00 (0)
[478] : 0x00 (0)
[479] : 0x00 (0)
[480] : 0x00 (0)
[481] : 0x00 (0)
[482] : 0x00 (0)
[483] : 0x00 (0)
[484] : 0x00 (0)
[485] : 0x00 (0)
[486] : 0x00 (0)
[487] : 0x00 (0)
[488] : 0x00 (0)
[489] : 0x00 (0)
[490] : 0x00 (0)
[491] : 0x00 (0)
[492] : 0x00 (0)
[493] : 0x00 (0)
[494] : 0x00 (0)
[495] : 0x00 (0)
[496] : 0x00 (0)
[497] : 0x00 (0)
[498] : 0x00 (0)
[499] : 0x00 (0)
[500] : 0x00 (0)
[501] : 0x00 (0)
[502] : 0x00 (0)
[503] : 0x00 (0)
[504] : 0x00 (0)
[505] : 0x00 (0)
[506] : 0x00 (0)
[507] : 0x00 (0)
[508] : 0x00 (0)
[509] : 0x00 (0)
[510] : 0x00 (0)
[511] : 0x00 (0)
[512] : 0x00 (0)
[513] : 0x00 (0)
[514] : 0x00 (0)
[515] : 0x00 (0)
[516] : 0x00 (0)
[517] : 0x00 (0)
[518] : 0x00 (0)
[519] : 0x00 (0)
needed : *
needed : 0x0000001e (30)
result : WERR_OK
[2014/03/19 16:57:15.118844, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1384(api_rpcTNP)
api_rpcTNP: called spoolss successfully
[2014/03/19 16:57:15.118888, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/sec_ctx.c:424(pop_sec_ctx)
pop_sec_ctx (100000500, 100000513) - sec_ctx_stack_ndx = 0
[2014/03/19 16:57:15.118927, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:402(ndr_print_debug)
&r: struct ncacn_packet
rpc_vers : 0x05 (5)
rpc_vers_minor : 0x00 (0)
ptype : DCERPC_PKT_RESPONSE (2)
pfc_flags : 0x03 (3)
1: DCERPC_PFC_FLAG_FIRST
1: DCERPC_PFC_FLAG_LAST
0: DCERPC_PFC_FLAG_PENDING_CANCEL_OR_HDR_SIGNING
0: DCERPC_PFC_FLAG_CONC_MPX
0: DCERPC_PFC_FLAG_DID_NOT_EXECUTE
0: DCERPC_PFC_FLAG_MAYBE
0: DCERPC_PFC_FLAG_OBJECT_UUID
drep: ARRAY(4)
[0] : 0x10 (16)
[1] : 0x00 (0)
[2] : 0x00 (0)
[3] : 0x00 (0)
frag_length : 0x0230 (560)
auth_length : 0x0000 (0)
call_id : 0x00000003 (3)
u : union dcerpc_payload(case 2)
response: struct dcerpc_response
alloc_hint : 0x00000218 (536)
context_id : 0x0000 (0)
cancel_count : 0x00 (0)
_pad : DATA_BLOB length=0
stub_and_verifier : DATA_BLOB length=536
[0000] 01 00 00 00 08 02 00 00 57 00 69 00 6E 00 64 00 ........ W.i.n.d.
[0010] 6F 00 77 00 73 00 20 00 4E 00 54 00 20 00 78 00 o.w.s. . N.T. .x.
[0020] 38 00 36 00 00 00 00 00 00 00 00 00 00 00 00 00 8.6..... ........
[0030] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0040] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0050] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0060] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0070] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0080] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0090] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[00A0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[00B0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[00C0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[00D0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[00E0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[00F0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0100] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0110] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0120] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0130] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0140] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0150] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0160] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0170] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0180] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0190] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[01A0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[01B0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[01C0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[01D0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[01E0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[01F0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0200] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0210] 1E 00 00 00 00 00 00 00 ........
[2014/03/19 16:57:15.119959, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/rpc_server/rpc_server.c:509(named_pipe_packet_process)
Sending 1 fragments in a total of 536 bytes
[2014/03/19 16:57:15.119992, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/rpc_server/rpc_server.c:514(named_pipe_packet_process)
Sending PDU number: 0, PDU Length: 560
[2014/03/19 16:57:15.120051, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1459(smbd_smb2_request_pending_timer)
smbd_smb2_request_pending_queue: opcode[SMB2_OP_IOCTL] mid 43 going async
[2014/03/19 16:57:15.120089, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:893(smb2_set_operation_credit)
smb2_set_operation_credit: requested 1, charge 1, granted 1, current possible/max 482/512, total granted/max/low/range 31/8192/44/31
[2014/03/19 16:57:15.120126, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1554(smbd_smb2_request_pending_timer)
state->vector[0/5].iov_len = 4
state->vector[1/5].iov_len = 0
state->vector[2/5].iov_len = 64
state->vector[3/5].iov_len = 8
state->vector[4/5].iov_len = 1
[2014/03/19 16:57:15.120287, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe_hnd.c:417(np_read_recv)
Received 560 bytes. There is no more data outstanding
[2014/03/19 16:57:15.120324, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl_named_pipe.c:169(smbd_smb2_ioctl_pipe_read_done)
smbd_smb2_ioctl_pipe_read_done: np_read_recv nread = 560 is_data_outstanding = 0, status = NT_STATUS_OK
[2014/03/19 16:57:15.120357, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl.c:291(smbd_smb2_request_ioctl_done)
smbd_smb2_request_ioctl_done: smbd_smb2_ioctl_recv returned 560 status NT_STATUS_OK
[2014/03/19 16:57:15.120388, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:2548(smbd_smb2_request_done_ex)
smbd_smb2_request_done_ex: idx[1] status[NT_STATUS_OK] body[48] dyn[yes:560] at ../source3/smbd/smb2_ioctl.c:358
[2014/03/19 16:57:15.120420, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:893(smb2_set_operation_credit)
smb2_set_operation_credit: requested 1, charge 1, granted 0, current possible/max 481/512, total granted/max/low/range 31/8192/44/31
[2014/03/19 16:57:15.120750, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:3312(smbd_smb2_io_handler)
smbd_smb2_request idx[1] of 5 vectors
[2014/03/19 16:57:15.120789, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:640(smb2_validate_sequence_number)
smb2_validate_sequence_number: clearing id 44 (position 44) from bitmap
[2014/03/19 16:57:15.120821, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1923(smbd_smb2_request_dispatch)
smbd_smb2_request_dispatch: opcode[SMB2_OP_IOCTL] mid = 44
[2014/03/19 16:57:15.120854, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/uid.c:384(change_to_user)
Skipping user change - already user
[2014/03/19 16:57:15.120888, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1825(smbd_smb2_request_verify_creditcharge)
mid 44, CreditCharge: 1, NeededCharge: 1
[2014/03/19 16:57:15.120919, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl.c:394(smbd_smb2_ioctl_send)
smbd_smb2_ioctl: ctl_code[0x0011c017] spoolss, fnum 4116955191
[2014/03/19 16:57:15.120952, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl_named_pipe.c:61(smb2_ioctl_named_pipe)
smbd_smb2_ioctl_send: np_write_send of size 88
[2014/03/19 16:57:15.120982, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe_hnd.c:172(np_write_send)
np_write_send: len: 88
smbd_smb2_request_pending_queue: req->current_idx = 1
req->in.vector[0].iov_len = 0
req->in.vector[1].iov_len = 0
req->in.vector[2].iov_len = 64
req->in.vector[3].iov_len = 56
req->in.vector[4].iov_len = 88
req->out.vector[0].iov_len = 4
req->out.vector[1].iov_len = 0
req->out.vector[2].iov_len = 64
req->out.vector[3].iov_len = 8
req->out.vector[4].iov_len = 0
[2014/03/19 16:57:15.121906, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl_named_pipe.c:119(smbd_smb2_ioctl_pipe_write_done)
smbd_smb2_ioctl_pipe_write_done: received 88
[2014/03/19 16:57:15.121946, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl_named_pipe.c:140(smbd_smb2_ioctl_pipe_write_done)
smbd_smb2_ioctl_pipe_write_done: issuing np_read_send of size 1024
[2014/03/19 16:57:15.122082, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/rpc_server/rpc_server.c:441(named_pipe_packet_process)
PDU is in Little Endian format!
[2014/03/19 16:57:15.122127, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1564(process_complete_pdu)
Processing packet type 0
[2014/03/19 16:57:15.122158, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1439(dcesrv_auth_request)
Checking request auth.
[2014/03/19 16:57:15.122192, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/sec_ctx.c:216(push_sec_ctx)
push_sec_ctx(100000500, 100000513) : sec_ctx_stack_ndx = 1
[2014/03/19 16:57:15.122225, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/sec_ctx.c:316(set_sec_ctx)
setting sec ctx (100000500, 100000513) - sec_ctx_stack_ndx = 1
[2014/03/19 16:57:15.122256, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../libcli/security/security_token.c:63(security_token_debug)
Security token SIDs (21):
SID[ 0]: S-1-5-21-2999458101-3634337955-1355572417-500
SID[ 1]: S-1-5-21-2999458101-3634337955-1355572417-513
SID[ 2]: S-1-5-21-2999458101-3634337955-1355572417-520
SID[ 3]: S-1-5-21-2999458101-3634337955-1355572417-512
SID[ 4]: S-1-18-1
SID[ 5]: S-1-1-0
SID[ 6]: S-1-5-2
SID[ 7]: S-1-5-11
SID[ 8]: S-1-5-32-545
SID[ 9]: S-1-5-32-544
SID[ 10]: S-1-22-1-100000500
SID[ 11]: S-1-22-2-100000500
SID[ 12]: S-1-22-2-100000513
SID[ 13]: S-1-22-2-100000520
SID[ 14]: S-1-22-2-100000512
SID[ 15]: S-1-22-2-1000008
SID[ 16]: S-1-22-2-1000002
SID[ 17]: S-1-22-2-1000003
SID[ 18]: S-1-22-2-1000009
SID[ 19]: S-1-22-2-1000001
SID[ 20]: S-1-22-2-1000000
Privileges (0x 1FFFFFF0):
Privilege[ 0]: SeMachineAccountPrivilege
Privilege[ 1]: SeTakeOwnershipPrivilege
Privilege[ 2]: SeBackupPrivilege
Privilege[ 3]: SeRestorePrivilege
Privilege[ 4]: SeRemoteShutdownPrivilege
Privilege[ 5]: SePrintOperatorPrivilege
Privilege[ 6]: SeAddUsersPrivilege
Privilege[ 7]: SeDiskOperatorPrivilege
Privilege[ 8]: SeSecurityPrivilege
Privilege[ 9]: SeSystemtimePrivilege
Privilege[ 10]: SeShutdownPrivilege
Privilege[ 11]: SeDebugPrivilege
Privilege[ 12]: SeSystemEnvironmentPrivilege
Privilege[ 13]: SeSystemProfilePrivilege
Privilege[ 14]: SeProfileSingleProcessPrivilege
Privilege[ 15]: SeIncreaseBasePriorityPrivilege
Privilege[ 16]: SeLoadDriverPrivilege
Privilege[ 17]: SeCreatePagefilePrivilege
Privilege[ 18]: SeIncreaseQuotaPrivilege
Privilege[ 19]: SeChangeNotifyPrivilege
Privilege[ 20]: SeUndockPrivilege
Privilege[ 21]: SeManageVolumePrivilege
Privilege[ 22]: SeImpersonatePrivilege
Privilege[ 23]: SeCreateGlobalPrivilege
Privilege[ 24]: SeEnableDelegationPrivilege
Rights (0x 0):
[2014/03/19 16:57:15.122784, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/auth/token_util.c:528(debug_unix_user_token)
UNIX token of user 100000500
Primary group is 100000513 and contains 10 supplementary groups
Group[ 0]: 100000500
Group[ 1]: 100000513
Group[ 2]: 100000520
Group[ 3]: 100000512
Group[ 4]: 1000008
Group[ 5]: 1000002
Group[ 6]: 1000003
Group[ 7]: 1000009
Group[ 8]: 1000001
Group[ 9]: 1000000
[2014/03/19 16:57:15.122938, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/uid.c:452(smbd_become_authenticated_pipe_user)
Impersonated user: uid=(100000500,100000500), gid=(0,100000513)
[2014/03/19 16:57:15.122971, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1292(api_pipe_request)
Requested spoolss rpc service
[2014/03/19 16:57:15.123073, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1317(api_rpcTNP)
api_rpcTNP: spoolss op 0x1a - api_rpcTNP: rpc command: SPOOLSS_GETPRINTERDATA
[2014/03/19 16:57:15.123117, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1357(api_rpcTNP)
api_rpc_cmds[26].fn == 0x7f5de30310d9
[2014/03/19 16:57:15.123152, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug)
spoolss_GetPrinterData: struct spoolss_GetPrinterData
in: struct spoolss_GetPrinterData
handle : *
handle: struct policy_handle
handle_type : 0x00000000 (0)
uuid : 00000016-0000-0000-2953-5bbe88600000
value_name : 'MajorVersion'
offered : 0x00000004 (4)
[2014/03/19 16:57:15.123262, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal)
Found policy hnd[0] [0000] 00 00 00 00 16 00 00 00 00 00 00 00 29 53 5B BE ........ ....)S[.
[0010] 88 60 00 00 .`..
[2014/03/19 16:57:15.123316, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/spoolss/srv_spoolss_nt.c:9502(_spoolss_GetPrinterDataEx)
_spoolss_GetPrinterDataEx
[2014/03/19 16:57:15.123345, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/spoolss/srv_spoolss_nt.c:9505(_spoolss_GetPrinterDataEx)
_spoolss_GetPrinterDataEx: key => [PrinterDriverData], value => [MajorVersion]
[2014/03/19 16:57:15.123406, 8, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/spoolss/srv_spoolss_nt.c:2282(getprinterdata_printer_server)
getprinterdata_printer_server:MajorVersion
[2014/03/19 16:57:15.123445, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug)
spoolss_GetPrinterData: struct spoolss_GetPrinterData
out: struct spoolss_GetPrinterData
type : *
type : REG_DWORD (4)
data : *
data: ARRAY(4)
[0] : 0x03 (3)
[1] : 0x00 (0)
[2] : 0x00 (0)
[3] : 0x00 (0)
needed : *
needed : 0x00000004 (4)
result : WERR_OK
[2014/03/19 16:57:15.123604, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1384(api_rpcTNP)
api_rpcTNP: called spoolss successfully
[2014/03/19 16:57:15.123643, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/sec_ctx.c:424(pop_sec_ctx)
pop_sec_ctx (100000500, 100000513) - sec_ctx_stack_ndx = 0
[2014/03/19 16:57:15.123681, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:402(ndr_print_debug)
&r: struct ncacn_packet
rpc_vers : 0x05 (5)
rpc_vers_minor : 0x00 (0)
ptype : DCERPC_PKT_RESPONSE (2)
pfc_flags : 0x03 (3)
1: DCERPC_PFC_FLAG_FIRST
1: DCERPC_PFC_FLAG_LAST
0: DCERPC_PFC_FLAG_PENDING_CANCEL_OR_HDR_SIGNING
0: DCERPC_PFC_FLAG_CONC_MPX
0: DCERPC_PFC_FLAG_DID_NOT_EXECUTE
0: DCERPC_PFC_FLAG_MAYBE
0: DCERPC_PFC_FLAG_OBJECT_UUID
drep: ARRAY(4)
[0] : 0x10 (16)
[1] : 0x00 (0)
[2] : 0x00 (0)
[3] : 0x00 (0)
frag_length : 0x002c (44)
auth_length : 0x0000 (0)
call_id : 0x00000004 (4)
u : union dcerpc_payload(case 2)
response: struct dcerpc_response
alloc_hint : 0x00000014 (20)
context_id : 0x0000 (0)
cancel_count : 0x00 (0)
_pad : DATA_BLOB length=0
stub_and_verifier : DATA_BLOB length=20
[0000] 04 00 00 00 04 00 00 00 03 00 00 00 04 00 00 00 ........ ........
[0010] 00 00 00 00 ....
[2014/03/19 16:57:15.124037, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/rpc_server/rpc_server.c:509(named_pipe_packet_process)
Sending 1 fragments in a total of 20 bytes
[2014/03/19 16:57:15.124076, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/rpc_server/rpc_server.c:514(named_pipe_packet_process)
Sending PDU number: 0, PDU Length: 44
[2014/03/19 16:57:15.124127, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1459(smbd_smb2_request_pending_timer)
smbd_smb2_request_pending_queue: opcode[SMB2_OP_IOCTL] mid 44 going async
[2014/03/19 16:57:15.124162, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:893(smb2_set_operation_credit)
smb2_set_operation_credit: requested 1, charge 1, granted 1, current possible/max 482/512, total granted/max/low/range 31/8192/45/31
[2014/03/19 16:57:15.124193, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1554(smbd_smb2_request_pending_timer)
state->vector[0/5].iov_len = 4
state->vector[1/5].iov_len = 0
state->vector[2/5].iov_len = 64
state->vector[3/5].iov_len = 8
state->vector[4/5].iov_len = 1
[2014/03/19 16:57:15.124351, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe_hnd.c:417(np_read_recv)
Received 44 bytes. There is no more data outstanding
[2014/03/19 16:57:15.124387, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl_named_pipe.c:169(smbd_smb2_ioctl_pipe_read_done)
smbd_smb2_ioctl_pipe_read_done: np_read_recv nread = 44 is_data_outstanding = 0, status = NT_STATUS_OK
[2014/03/19 16:57:15.124439, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl.c:291(smbd_smb2_request_ioctl_done)
smbd_smb2_request_ioctl_done: smbd_smb2_ioctl_recv returned 44 status NT_STATUS_OK
[2014/03/19 16:57:15.124472, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:2548(smbd_smb2_request_done_ex)
smbd_smb2_request_done_ex: idx[1] status[NT_STATUS_OK] body[48] dyn[yes:44] at ../source3/smbd/smb2_ioctl.c:358
[2014/03/19 16:57:15.124503, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:893(smb2_set_operation_credit)
smb2_set_operation_credit: requested 1, charge 1, granted 0, current possible/max 481/512, total granted/max/low/range 31/8192/45/31
[2014/03/19 16:57:15.125009, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:3312(smbd_smb2_io_handler)
smbd_smb2_request idx[1] of 5 vectors
[2014/03/19 16:57:15.125048, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:640(smb2_validate_sequence_number)
smb2_validate_sequence_number: clearing id 45 (position 45) from bitmap
[2014/03/19 16:57:15.125091, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1923(smbd_smb2_request_dispatch)
smbd_smb2_request_dispatch: opcode[SMB2_OP_IOCTL] mid = 45
[2014/03/19 16:57:15.125129, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/uid.c:384(change_to_user)
Skipping user change - already user
[2014/03/19 16:57:15.125161, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1825(smbd_smb2_request_verify_creditcharge)
mid 45, CreditCharge: 1, NeededCharge: 1
[2014/03/19 16:57:15.125191, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl.c:394(smbd_smb2_ioctl_send)
smbd_smb2_ioctl: ctl_code[0x0011c017] spoolss, fnum 4116955191
[2014/03/19 16:57:15.125229, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl_named_pipe.c:61(smb2_ioctl_named_pipe)
smbd_smb2_ioctl_send: np_write_send of size 44
[2014/03/19 16:57:15.125261, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe_hnd.c:172(np_write_send)
np_write_send: len: 44
smbd_smb2_request_pending_queue: req->current_idx = 1
req->in.vector[0].iov_len = 0
req->in.vector[1].iov_len = 0
req->in.vector[2].iov_len = 64
req->in.vector[3].iov_len = 56
req->in.vector[4].iov_len = 44
req->out.vector[0].iov_len = 4
req->out.vector[1].iov_len = 0
req->out.vector[2].iov_len = 64
req->out.vector[3].iov_len = 8
req->out.vector[4].iov_len = 0
[2014/03/19 16:57:15.125474, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl_named_pipe.c:119(smbd_smb2_ioctl_pipe_write_done)
smbd_smb2_ioctl_pipe_write_done: received 44
[2014/03/19 16:57:15.125508, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl_named_pipe.c:140(smbd_smb2_ioctl_pipe_write_done)
smbd_smb2_ioctl_pipe_write_done: issuing np_read_send of size 1024
[2014/03/19 16:57:15.125604, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/rpc_server/rpc_server.c:441(named_pipe_packet_process)
PDU is in Little Endian format!
[2014/03/19 16:57:15.125636, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1564(process_complete_pdu)
Processing packet type 0
[2014/03/19 16:57:15.125662, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1439(dcesrv_auth_request)
Checking request auth.
[2014/03/19 16:57:15.125691, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/sec_ctx.c:216(push_sec_ctx)
push_sec_ctx(100000500, 100000513) : sec_ctx_stack_ndx = 1
[2014/03/19 16:57:15.125730, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/sec_ctx.c:316(set_sec_ctx)
setting sec ctx (100000500, 100000513) - sec_ctx_stack_ndx = 1
[2014/03/19 16:57:15.125758, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../libcli/security/security_token.c:63(security_token_debug)
Security token SIDs (21):
SID[ 0]: S-1-5-21-2999458101-3634337955-1355572417-500
SID[ 1]: S-1-5-21-2999458101-3634337955-1355572417-513
SID[ 2]: S-1-5-21-2999458101-3634337955-1355572417-520
SID[ 3]: S-1-5-21-2999458101-3634337955-1355572417-512
SID[ 4]: S-1-18-1
SID[ 5]: S-1-1-0
SID[ 6]: S-1-5-2
SID[ 7]: S-1-5-11
SID[ 8]: S-1-5-32-545
SID[ 9]: S-1-5-32-544
SID[ 10]: S-1-22-1-100000500
SID[ 11]: S-1-22-2-100000500
SID[ 12]: S-1-22-2-100000513
SID[ 13]: S-1-22-2-100000520
SID[ 14]: S-1-22-2-100000512
SID[ 15]: S-1-22-2-1000008
SID[ 16]: S-1-22-2-1000002
SID[ 17]: S-1-22-2-1000003
SID[ 18]: S-1-22-2-1000009
SID[ 19]: S-1-22-2-1000001
SID[ 20]: S-1-22-2-1000000
Privileges (0x 1FFFFFF0):
Privilege[ 0]: SeMachineAccountPrivilege
Privilege[ 1]: SeTakeOwnershipPrivilege
Privilege[ 2]: SeBackupPrivilege
Privilege[ 3]: SeRestorePrivilege
Privilege[ 4]: SeRemoteShutdownPrivilege
Privilege[ 5]: SePrintOperatorPrivilege
Privilege[ 6]: SeAddUsersPrivilege
Privilege[ 7]: SeDiskOperatorPrivilege
Privilege[ 8]: SeSecurityPrivilege
Privilege[ 9]: SeSystemtimePrivilege
Privilege[ 10]: SeShutdownPrivilege
Privilege[ 11]: SeDebugPrivilege
Privilege[ 12]: SeSystemEnvironmentPrivilege
Privilege[ 13]: SeSystemProfilePrivilege
Privilege[ 14]: SeProfileSingleProcessPrivilege
Privilege[ 15]: SeIncreaseBasePriorityPrivilege
Privilege[ 16]: SeLoadDriverPrivilege
Privilege[ 17]: SeCreatePagefilePrivilege
Privilege[ 18]: SeIncreaseQuotaPrivilege
Privilege[ 19]: SeChangeNotifyPrivilege
Privilege[ 20]: SeUndockPrivilege
Privilege[ 21]: SeManageVolumePrivilege
Privilege[ 22]: SeImpersonatePrivilege
Privilege[ 23]: SeCreateGlobalPrivilege
Privilege[ 24]: SeEnableDelegationPrivilege
Rights (0x 0):
[2014/03/19 16:57:15.126301, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/auth/token_util.c:528(debug_unix_user_token)
UNIX token of user 100000500
Primary group is 100000513 and contains 10 supplementary groups
Group[ 0]: 100000500
Group[ 1]: 100000513
Group[ 2]: 100000520
Group[ 3]: 100000512
Group[ 4]: 1000008
Group[ 5]: 1000002
Group[ 6]: 1000003
Group[ 7]: 1000009
Group[ 8]: 1000001
Group[ 9]: 1000000
[2014/03/19 16:57:15.126449, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/uid.c:452(smbd_become_authenticated_pipe_user)
Impersonated user: uid=(100000500,100000500), gid=(0,100000513)
[2014/03/19 16:57:15.126481, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1292(api_pipe_request)
Requested spoolss rpc service
[2014/03/19 16:57:15.126522, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1317(api_rpcTNP)
api_rpcTNP: spoolss op 0x1d - api_rpcTNP: rpc command: SPOOLSS_CLOSEPRINTER
[2014/03/19 16:57:15.126553, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1357(api_rpcTNP)
api_rpc_cmds[29].fn == 0x7f5de30319b4
[2014/03/19 16:57:15.126584, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug)
spoolss_ClosePrinter: struct spoolss_ClosePrinter
in: struct spoolss_ClosePrinter
handle : *
handle: struct policy_handle
handle_type : 0x00000000 (0)
uuid : 00000016-0000-0000-2953-5bbe88600000
[2014/03/19 16:57:15.126680, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal)
Found policy hnd[0] [0000] 00 00 00 00 16 00 00 00 00 00 00 00 29 53 5B BE ........ ....)S[.
[0010] 88 60 00 00 .`..
[2014/03/19 16:57:15.126731, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal)
Found policy hnd[0] [0000] 00 00 00 00 16 00 00 00 00 00 00 00 29 53 5B BE ........ ....)S[.
[0010] 88 60 00 00 .`..
[2014/03/19 16:57:15.126780, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal)
Found policy hnd[0] [0000] 00 00 00 00 16 00 00 00 00 00 00 00 29 53 5B BE ........ ....)S[.
[0010] 88 60 00 00 .`..
[2014/03/19 16:57:15.126840, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:388(close_policy_hnd)
Closed policy
[2014/03/19 16:57:15.126868, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug)
spoolss_ClosePrinter: struct spoolss_ClosePrinter
out: struct spoolss_ClosePrinter
handle : *
handle: struct policy_handle
handle_type : 0x00000000 (0)
uuid : 00000000-0000-0000-0000-000000000000
result : WERR_OK
[2014/03/19 16:57:15.126992, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1384(api_rpcTNP)
api_rpcTNP: called spoolss successfully
[2014/03/19 16:57:15.127109, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/sec_ctx.c:424(pop_sec_ctx)
pop_sec_ctx (100000500, 100000513) - sec_ctx_stack_ndx = 0
[2014/03/19 16:57:15.127158, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:402(ndr_print_debug)
&r: struct ncacn_packet
rpc_vers : 0x05 (5)
rpc_vers_minor : 0x00 (0)
ptype : DCERPC_PKT_RESPONSE (2)
pfc_flags : 0x03 (3)
1: DCERPC_PFC_FLAG_FIRST
1: DCERPC_PFC_FLAG_LAST
0: DCERPC_PFC_FLAG_PENDING_CANCEL_OR_HDR_SIGNING
0: DCERPC_PFC_FLAG_CONC_MPX
0: DCERPC_PFC_FLAG_DID_NOT_EXECUTE
0: DCERPC_PFC_FLAG_MAYBE
0: DCERPC_PFC_FLAG_OBJECT_UUID
drep: ARRAY(4)
[0] : 0x10 (16)
[1] : 0x00 (0)
[2] : 0x00 (0)
[3] : 0x00 (0)
frag_length : 0x0030 (48)
auth_length : 0x0000 (0)
call_id : 0x00000005 (5)
u : union dcerpc_payload(case 2)
response: struct dcerpc_response
alloc_hint : 0x00000018 (24)
context_id : 0x0000 (0)
cancel_count : 0x00 (0)
_pad : DATA_BLOB length=0
stub_and_verifier : DATA_BLOB length=24
[0000] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0010] 00 00 00 00 00 00 00 00 ........
[2014/03/19 16:57:15.127500, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/rpc_server/rpc_server.c:509(named_pipe_packet_process)
Sending 1 fragments in a total of 24 bytes
[2014/03/19 16:57:15.127529, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/rpc_server/rpc_server.c:514(named_pipe_packet_process)
Sending PDU number: 0, PDU Length: 48
[2014/03/19 16:57:15.127577, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1459(smbd_smb2_request_pending_timer)
smbd_smb2_request_pending_queue: opcode[SMB2_OP_IOCTL] mid 45 going async
[2014/03/19 16:57:15.127621, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:893(smb2_set_operation_credit)
smb2_set_operation_credit: requested 1, charge 1, granted 1, current possible/max 482/512, total granted/max/low/range 31/8192/46/31
[2014/03/19 16:57:15.127651, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1554(smbd_smb2_request_pending_timer)
state->vector[0/5].iov_len = 4
state->vector[1/5].iov_len = 0
state->vector[2/5].iov_len = 64
state->vector[3/5].iov_len = 8
state->vector[4/5].iov_len = 1
[2014/03/19 16:57:15.127802, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe_hnd.c:417(np_read_recv)
Received 48 bytes. There is no more data outstanding
[2014/03/19 16:57:15.127837, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl_named_pipe.c:169(smbd_smb2_ioctl_pipe_read_done)
smbd_smb2_ioctl_pipe_read_done: np_read_recv nread = 48 is_data_outstanding = 0, status = NT_STATUS_OK
[2014/03/19 16:57:15.127893, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl.c:291(smbd_smb2_request_ioctl_done)
smbd_smb2_request_ioctl_done: smbd_smb2_ioctl_recv returned 48 status NT_STATUS_OK
[2014/03/19 16:57:15.127935, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:2548(smbd_smb2_request_done_ex)
smbd_smb2_request_done_ex: idx[1] status[NT_STATUS_OK] body[48] dyn[yes:48] at ../source3/smbd/smb2_ioctl.c:358
[2014/03/19 16:57:15.127965, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:893(smb2_set_operation_credit)
smb2_set_operation_credit: requested 1, charge 1, granted 0, current possible/max 481/512, total granted/max/low/range 31/8192/46/31
[2014/03/19 16:57:15.128112, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:3312(smbd_smb2_io_handler)
smbd_smb2_request idx[1] of 5 vectors
[2014/03/19 16:57:15.128148, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:640(smb2_validate_sequence_number)
smb2_validate_sequence_number: clearing id 46 (position 46) from bitmap
[2014/03/19 16:57:15.128255, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1923(smbd_smb2_request_dispatch)
smbd_smb2_request_dispatch: opcode[SMB2_OP_CREATE] mid = 46
[2014/03/19 16:57:15.128288, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/uid.c:384(change_to_user)
Skipping user change - already user
[2014/03/19 16:57:15.128321, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_create.c:447(smbd_smb2_create_send)
smbd_smb2_create: name[spoolss]
[2014/03/19 16:57:15.128359, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap.c:178(dbwrap_check_lock_order)
check lock order 1 for /var/lib/samba/smbXsrv_open_global.tdb
[2014/03/19 16:57:15.128399, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order)
lock order: 1:/var/lib/samba/smbXsrv_open_global.tdb 2:<none> 3:<none>
[2014/03/19 16:57:15.128430, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key)
Locking key ED279C7C
[2014/03/19 16:57:15.128463, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap_tdb.c:143(db_tdb_fetch_locked_internal)
Allocated locked data 0x0x7f5de586d560
[2014/03/19 16:57:15.128510, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smbXsrv_open.c:698(smbXsrv_open_global_store)
smbXsrv_open_global_store: key 'ED279C7C' stored
[2014/03/19 16:57:15.128543, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:402(ndr_print_debug)
&global_blob: struct smbXsrv_open_globalB
version : SMBXSRV_VERSION_0 (0)
seqnum : 0x00000001 (1)
info : union smbXsrv_open_globalU(case 0)
info0 : *
info0: struct smbXsrv_open_global0
db_rec : *
server_id: struct server_id
pid : 0x0000000000006088 (24712)
task_id : 0x00000000 (0)
vnn : 0xffffffff (4294967295)
unique_id : 0xbaf687627b33e8dd (-4974639881340589859)
open_global_id : 0xed279c7c (3978796156)
open_persistent_id : 0x00000000ed279c7c (3978796156)
open_volatile_id : 0x0000000092c148cd (2462140621)
open_owner : S-1-5-21-2999458101-3634337955-1355572417-500
open_time : Wed Mar 19 04:57:15 PM 2014 CET
create_guid : 00000000-0000-0000-0000-000000000000
client_guid : fb516d75-adcf-11e3-a4ab-0800274a4c7e
app_instance_id : 00000000-0000-0000-0000-000000000000
disconnect_time : NTTIME(0)
durable_timeout_msec : 0x00000000 (0)
durable : 0x00 (0)
backend_cookie : DATA_BLOB length=0
[2014/03/19 16:57:15.128846, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key)
Unlocking key ED279C7C
[2014/03/19 16:57:15.128899, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap.c:146(dbwrap_lock_order_state_destructor)
release lock order 1 for /var/lib/samba/smbXsrv_open_global.tdb
[2014/03/19 16:57:15.128930, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order)
lock order: 1:<none> 2:<none> 3:<none>
[2014/03/19 16:57:15.128959, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smbXsrv_open.c:871(smbXsrv_open_create)
smbXsrv_open_create: global_id (0xed279c7c) stored
[2014/03/19 16:57:15.128986, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:402(ndr_print_debug)
&open_blob: struct smbXsrv_openB
version : SMBXSRV_VERSION_0 (0)
reserved : 0x00000000 (0)
info : union smbXsrv_openU(case 0)
info0 : *
info0: struct smbXsrv_open
table : *
db_rec : NULL
local_id : 0x92c148cd (2462140621)
global : *
global: struct smbXsrv_open_global0
db_rec : NULL
server_id: struct server_id
pid : 0x0000000000006088 (24712)
task_id : 0x00000000 (0)
vnn : 0xffffffff (4294967295)
unique_id : 0xbaf687627b33e8dd (-4974639881340589859)
open_global_id : 0xed279c7c (3978796156)
open_persistent_id : 0x00000000ed279c7c (3978796156)
open_volatile_id : 0x0000000092c148cd (2462140621)
open_owner : S-1-5-21-2999458101-3634337955-1355572417-500
open_time : Wed Mar 19 04:57:15 PM 2014 CET
create_guid : 00000000-0000-0000-0000-000000000000
client_guid : fb516d75-adcf-11e3-a4ab-0800274a4c7e
app_instance_id : 00000000-0000-0000-0000-000000000000
disconnect_time : NTTIME(0)
durable_timeout_msec : 0x00000000 (0)
durable : 0x00 (0)
backend_cookie : DATA_BLOB length=0
status : NT_STATUS_OK
idle_time : Wed Mar 19 04:57:15 PM 2014 CET
compat : NULL
[2014/03/19 16:57:15.129387, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/files.c:125(file_new)
allocated file structure fnum 2462140621 (2 used)
[2014/03/19 16:57:15.129420, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/files.c:752(file_name_hash)
file_name_hash: /tmp/spoolss hash 0x7d4e46e5
[2014/03/19 16:57:15.129454, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_ncacn_np.c:89(make_internal_rpc_pipe_socketpair)
Create of internal pipe spoolss requested
[2014/03/19 16:57:15.129552, 8, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/dosmode.c:698(dos_mode)
dos_mode: spoolss
[2014/03/19 16:57:15.129586, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_create.c:1090(smbd_smb2_create_send)
smbd_smb2_create_send: spoolss - fnum 2462140621
[2014/03/19 16:57:15.129639, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:2548(smbd_smb2_request_done_ex)
smbd_smb2_request_done_ex: idx[1] status[NT_STATUS_OK] body[88] dyn[yes:0] at ../source3/smbd/smb2_create.c:364
[2014/03/19 16:57:15.129668, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:893(smb2_set_operation_credit)
smb2_set_operation_credit: requested 1, charge 1, granted 1, current possible/max 482/512, total granted/max/low/range 31/8192/47/31
[2014/03/19 16:57:15.130218, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:3312(smbd_smb2_io_handler)
smbd_smb2_request idx[1] of 5 vectors
[2014/03/19 16:57:15.130264, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:640(smb2_validate_sequence_number)
smb2_validate_sequence_number: clearing id 47 (position 47) from bitmap
[2014/03/19 16:57:15.130293, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1923(smbd_smb2_request_dispatch)
smbd_smb2_request_dispatch: opcode[SMB2_OP_CLOSE] mid = 47
[2014/03/19 16:57:15.130336, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/uid.c:384(change_to_user)
Skipping user change - already user
[2014/03/19 16:57:15.130367, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_close.c:185(smbd_smb2_close)
smbd_smb2_close: spoolss - fnum 4116955191
[2014/03/19 16:57:15.130424, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap.c:178(dbwrap_check_lock_order)
check lock order 1 for /var/lib/samba/smbXsrv_open_global.tdb
[2014/03/19 16:57:15.130453, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order)
lock order: 1:/var/lib/samba/smbXsrv_open_global.tdb 2:<none> 3:<none>
[2014/03/19 16:57:15.130483, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key)
Locking key 0B1A8CE2
[2014/03/19 16:57:15.130516, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap_tdb.c:143(db_tdb_fetch_locked_internal)
Allocated locked data 0x0x7f5de58724c0
[2014/03/19 16:57:15.130563, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key)
Unlocking key 0B1A8CE2
[2014/03/19 16:57:15.130595, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap.c:146(dbwrap_lock_order_state_destructor)
release lock order 1 for /var/lib/samba/smbXsrv_open_global.tdb
[2014/03/19 16:57:15.130623, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order)
lock order: 1:<none> 2:<none> 3:<none>
[2014/03/19 16:57:15.130666, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:418(close_policy_by_pipe)
Deleted handle list for RPC connection spoolss
[2014/03/19 16:57:15.130716, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/files.c:524(file_free)
freed files structure 4116955191 (1 used)
[2014/03/19 16:57:15.130752, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:2548(smbd_smb2_request_done_ex)
smbd_smb2_request_done_ex: idx[1] status[NT_STATUS_OK] body[60] dyn[no:0] at ../source3/smbd/smb2_close.c:139
[2014/03/19 16:57:15.130788, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:893(smb2_set_operation_credit)
smb2_set_operation_credit: requested 1, charge 1, granted 1, current possible/max 482/512, total granted/max/low/range 31/8192/48/31
[2014/03/19 16:57:15.131251, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:3312(smbd_smb2_io_handler)
smbd_smb2_request idx[1] of 5 vectors
[2014/03/19 16:57:15.131487, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:640(smb2_validate_sequence_number)
smb2_validate_sequence_number: clearing id 48 (position 48) from bitmap
[2014/03/19 16:57:15.131564, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1923(smbd_smb2_request_dispatch)
smbd_smb2_request_dispatch: opcode[SMB2_OP_WRITE] mid = 48
[2014/03/19 16:57:15.131696, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/uid.c:384(change_to_user)
Skipping user change - already user
[2014/03/19 16:57:15.131861, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1825(smbd_smb2_request_verify_creditcharge)
mid 48, CreditCharge: 1, NeededCharge: 1
[2014/03/19 16:57:15.131957, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_write.c:271(smbd_smb2_write_send)
smbd_smb2_write: spoolss - fnum 2462140621
[2014/03/19 16:57:15.132095, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe_hnd.c:172(np_write_send)
np_write_send: len: 160
smbd_smb2_request_pending_queue: req->current_idx = 1
req->in.vector[0].iov_len = 0
req->in.vector[1].iov_len = 0
req->in.vector[2].iov_len = 64
req->in.vector[3].iov_len = 48
req->in.vector[4].iov_len = 160
req->out.vector[0].iov_len = 4
req->out.vector[1].iov_len = 0
req->out.vector[2].iov_len = 64
req->out.vector[3].iov_len = 8
req->out.vector[4].iov_len = 0
[2014/03/19 16:57:15.132566, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:2548(smbd_smb2_request_done_ex)
smbd_smb2_request_done_ex: idx[1] status[NT_STATUS_OK] body[16] dyn[yes:0] at ../source3/smbd/smb2_write.c:150
[2014/03/19 16:57:15.132670, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:893(smb2_set_operation_credit)
smb2_set_operation_credit: requested 1, charge 1, granted 1, current possible/max 482/512, total granted/max/low/range 31/8192/49/31
[2014/03/19 16:57:15.132970, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/rpc_server/rpc_server.c:441(named_pipe_packet_process)
PDU is in Little Endian format!
[2014/03/19 16:57:15.133150, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1564(process_complete_pdu)
Processing packet type 11
[2014/03/19 16:57:15.133194, 3, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:598(api_pipe_bind_req)
api_pipe_bind_req: spoolss -> spoolss rpc service
[2014/03/19 16:57:15.133226, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:631(api_pipe_bind_req)
api_pipe_bind_req: make response. 631
[2014/03/19 16:57:15.133287, 3, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:343(check_bind_req)
check_bind_req for spoolss
[2014/03/19 16:57:15.133374, 3, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:350(check_bind_req)
check_bind_req: spoolss -> spoolss rpc service
[2014/03/19 16:57:15.133463, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:223(init_pipe_handles)
init_pipe_handle_list: created handle list for pipe spoolss
[2014/03/19 16:57:15.133571, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:240(init_pipe_handles)
init_pipe_handle_list: pipe_handles ref count = 1 for pipe spoolss
[2014/03/19 16:57:15.133729, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:402(ndr_print_debug)
&r: struct ncacn_packet
rpc_vers : 0x05 (5)
rpc_vers_minor : 0x00 (0)
ptype : DCERPC_PKT_BIND_ACK (12)
pfc_flags : 0x03 (3)
1: DCERPC_PFC_FLAG_FIRST
1: DCERPC_PFC_FLAG_LAST
0: DCERPC_PFC_FLAG_PENDING_CANCEL_OR_HDR_SIGNING
0: DCERPC_PFC_FLAG_CONC_MPX
0: DCERPC_PFC_FLAG_DID_NOT_EXECUTE
0: DCERPC_PFC_FLAG_MAYBE
0: DCERPC_PFC_FLAG_OBJECT_UUID
drep: ARRAY(4)
[0] : 0x10 (16)
[1] : 0x00 (0)
[2] : 0x00 (0)
[3] : 0x00 (0)
frag_length : 0x0044 (68)
auth_length : 0x0000 (0)
call_id : 0x00000002 (2)
u : union dcerpc_payload(case 12)
bind_ack: struct dcerpc_bind_ack
max_xmit_frag : 0x10b8 (4280)
max_recv_frag : 0x10b8 (4280)
assoc_group_id : 0x000053f0 (21488)
secondary_address_size : 0x000e (14)
secondary_address : '\PIPE\spoolss'
_pad1 : DATA_BLOB length=0
num_results : 0x01 (1)
ctx_list: ARRAY(1)
ctx_list: struct dcerpc_ack_ctx
result : DCERPC_BIND_ACK_RESULT_ACCEPTANCE (0)
reason : union dcerpc_bind_ack_reason(case 0)
value : DCERPC_BIND_ACK_REASON_NOT_SPECIFIED (0)
syntax: struct ndr_syntax_id
uuid : 8a885d04-1ceb-11c9-9fe8-08002b104860
if_version : 0x00000002 (2)
auth_info : DATA_BLOB length=0
[2014/03/19 16:57:15.136080, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/rpc_server/rpc_server.c:509(named_pipe_packet_process)
Sending 1 fragments in a total of 0 bytes
[2014/03/19 16:57:15.136116, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/rpc_server/rpc_server.c:514(named_pipe_packet_process)
Sending PDU number: 0, PDU Length: 68
[2014/03/19 16:57:15.136305, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:3312(smbd_smb2_io_handler)
smbd_smb2_request idx[1] of 5 vectors
[2014/03/19 16:57:15.136399, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:640(smb2_validate_sequence_number)
smb2_validate_sequence_number: clearing id 49 (position 49) from bitmap
[2014/03/19 16:57:15.136519, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1923(smbd_smb2_request_dispatch)
smbd_smb2_request_dispatch: opcode[SMB2_OP_READ] mid = 49
[2014/03/19 16:57:15.136660, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/uid.c:384(change_to_user)
Skipping user change - already user
[2014/03/19 16:57:15.136750, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1825(smbd_smb2_request_verify_creditcharge)
mid 49, CreditCharge: 1, NeededCharge: 1
[2014/03/19 16:57:15.136836, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_read.c:399(smbd_smb2_read_send)
smbd_smb2_read: spoolss - fnum 2462140621
smbd_smb2_request_pending_queue: req->current_idx = 1
req->in.vector[0].iov_len = 0
req->in.vector[1].iov_len = 0
req->in.vector[2].iov_len = 64
req->in.vector[3].iov_len = 48
req->in.vector[4].iov_len = 1
req->out.vector[0].iov_len = 4
req->out.vector[1].iov_len = 0
req->out.vector[2].iov_len = 64
req->out.vector[3].iov_len = 8
req->out.vector[4].iov_len = 0
[2014/03/19 16:57:15.137151, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe_hnd.c:417(np_read_recv)
Received 68 bytes. There is no more data outstanding
[2014/03/19 16:57:15.137296, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:2548(smbd_smb2_request_done_ex)
smbd_smb2_request_done_ex: idx[1] status[NT_STATUS_OK] body[16] dyn[yes:68] at ../source3/smbd/smb2_read.c:154
[2014/03/19 16:57:15.137395, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:893(smb2_set_operation_credit)
smb2_set_operation_credit: requested 1, charge 1, granted 1, current possible/max 482/512, total granted/max/low/range 31/8192/50/31
[2014/03/19 16:57:15.137971, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:3312(smbd_smb2_io_handler)
smbd_smb2_request idx[1] of 5 vectors
[2014/03/19 16:57:15.138115, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:640(smb2_validate_sequence_number)
smb2_validate_sequence_number: clearing id 50 (position 50) from bitmap
[2014/03/19 16:57:15.138146, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1923(smbd_smb2_request_dispatch)
smbd_smb2_request_dispatch: opcode[SMB2_OP_IOCTL] mid = 50
[2014/03/19 16:57:15.138177, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/uid.c:384(change_to_user)
Skipping user change - already user
[2014/03/19 16:57:15.138225, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1825(smbd_smb2_request_verify_creditcharge)
mid 50, CreditCharge: 1, NeededCharge: 1
[2014/03/19 16:57:15.138337, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl.c:394(smbd_smb2_ioctl_send)
smbd_smb2_ioctl: ctl_code[0x0011c017] spoolss, fnum 2462140621
[2014/03/19 16:57:15.138437, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl_named_pipe.c:61(smb2_ioctl_named_pipe)
smbd_smb2_ioctl_send: np_write_send of size 1136
[2014/03/19 16:57:15.138509, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe_hnd.c:172(np_write_send)
np_write_send: len: 1136
smbd_smb2_request_pending_queue: req->current_idx = 1
req->in.vector[0].iov_len = 0
req->in.vector[1].iov_len = 0
req->in.vector[2].iov_len = 64
req->in.vector[3].iov_len = 56
req->in.vector[4].iov_len = 1136
req->out.vector[0].iov_len = 4
req->out.vector[1].iov_len = 0
req->out.vector[2].iov_len = 64
req->out.vector[3].iov_len = 8
req->out.vector[4].iov_len = 0
[2014/03/19 16:57:15.138944, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl_named_pipe.c:119(smbd_smb2_ioctl_pipe_write_done)
smbd_smb2_ioctl_pipe_write_done: received 1136
[2014/03/19 16:57:15.139204, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl_named_pipe.c:140(smbd_smb2_ioctl_pipe_write_done)
smbd_smb2_ioctl_pipe_write_done: issuing np_read_send of size 1024
[2014/03/19 16:57:15.139396, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/rpc_server/rpc_server.c:441(named_pipe_packet_process)
PDU is in Little Endian format!
[2014/03/19 16:57:15.139483, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1564(process_complete_pdu)
Processing packet type 0
[2014/03/19 16:57:15.139568, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1439(dcesrv_auth_request)
Checking request auth.
[2014/03/19 16:57:15.139674, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/sec_ctx.c:216(push_sec_ctx)
push_sec_ctx(100000500, 100000513) : sec_ctx_stack_ndx = 1
[2014/03/19 16:57:15.139754, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/sec_ctx.c:316(set_sec_ctx)
setting sec ctx (100000500, 100000513) - sec_ctx_stack_ndx = 1
[2014/03/19 16:57:15.139855, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../libcli/security/security_token.c:63(security_token_debug)
Security token SIDs (21):
SID[ 0]: S-1-5-21-2999458101-3634337955-1355572417-500
SID[ 1]: S-1-5-21-2999458101-3634337955-1355572417-513
SID[ 2]: S-1-5-21-2999458101-3634337955-1355572417-520
SID[ 3]: S-1-5-21-2999458101-3634337955-1355572417-512
SID[ 4]: S-1-18-1
SID[ 5]: S-1-1-0
SID[ 6]: S-1-5-2
SID[ 7]: S-1-5-11
SID[ 8]: S-1-5-32-545
SID[ 9]: S-1-5-32-544
SID[ 10]: S-1-22-1-100000500
SID[ 11]: S-1-22-2-100000500
SID[ 12]: S-1-22-2-100000513
SID[ 13]: S-1-22-2-100000520
SID[ 14]: S-1-22-2-100000512
SID[ 15]: S-1-22-2-1000008
SID[ 16]: S-1-22-2-1000002
SID[ 17]: S-1-22-2-1000003
SID[ 18]: S-1-22-2-1000009
SID[ 19]: S-1-22-2-1000001
SID[ 20]: S-1-22-2-1000000
Privileges (0x 1FFFFFF0):
Privilege[ 0]: SeMachineAccountPrivilege
Privilege[ 1]: SeTakeOwnershipPrivilege
Privilege[ 2]: SeBackupPrivilege
Privilege[ 3]: SeRestorePrivilege
Privilege[ 4]: SeRemoteShutdownPrivilege
Privilege[ 5]: SePrintOperatorPrivilege
Privilege[ 6]: SeAddUsersPrivilege
Privilege[ 7]: SeDiskOperatorPrivilege
Privilege[ 8]: SeSecurityPrivilege
Privilege[ 9]: SeSystemtimePrivilege
Privilege[ 10]: SeShutdownPrivilege
Privilege[ 11]: SeDebugPrivilege
Privilege[ 12]: SeSystemEnvironmentPrivilege
Privilege[ 13]: SeSystemProfilePrivilege
Privilege[ 14]: SeProfileSingleProcessPrivilege
Privilege[ 15]: SeIncreaseBasePriorityPrivilege
Privilege[ 16]: SeLoadDriverPrivilege
Privilege[ 17]: SeCreatePagefilePrivilege
Privilege[ 18]: SeIncreaseQuotaPrivilege
Privilege[ 19]: SeChangeNotifyPrivilege
Privilege[ 20]: SeUndockPrivilege
Privilege[ 21]: SeManageVolumePrivilege
Privilege[ 22]: SeImpersonatePrivilege
Privilege[ 23]: SeCreateGlobalPrivilege
Privilege[ 24]: SeEnableDelegationPrivilege
Rights (0x 0):
[2014/03/19 16:57:15.142173, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/auth/token_util.c:528(debug_unix_user_token)
UNIX token of user 100000500
Primary group is 100000513 and contains 10 supplementary groups
Group[ 0]: 100000500
Group[ 1]: 100000513
Group[ 2]: 100000520
Group[ 3]: 100000512
Group[ 4]: 1000008
Group[ 5]: 1000002
Group[ 6]: 1000003
Group[ 7]: 1000009
Group[ 8]: 1000001
Group[ 9]: 1000000
[2014/03/19 16:57:15.142630, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/uid.c:452(smbd_become_authenticated_pipe_user)
Impersonated user: uid=(100000500,100000500), gid=(0,100000513)
[2014/03/19 16:57:15.142733, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1292(api_pipe_request)
Requested spoolss rpc service
[2014/03/19 16:57:15.142832, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1317(api_rpcTNP)
api_rpcTNP: spoolss op 0xa - api_rpcTNP: rpc command: SPOOLSS_ENUMPRINTERDRIVERS
[2014/03/19 16:57:15.142910, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1357(api_rpcTNP)
api_rpc_cmds[10].fn == 0x7f5de302e0fe
[2014/03/19 16:57:15.143184, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug)
spoolss_EnumPrinterDrivers: struct spoolss_EnumPrinterDrivers
in: struct spoolss_EnumPrinterDrivers
server : *
server : '\\samba'
environment : *
environment : 'Windows X64'
level : 0x00000001 (1)
buffer : *
buffer : DATA_BLOB length=1024
[0000] 43 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 C....... ........
[0010] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0020] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0030] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0040] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0050] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0060] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0070] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0080] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0090] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[00A0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[00B0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[00C0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[00D0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[00E0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[00F0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0100] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0110] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0120] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0130] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0140] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0150] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0160] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0170] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0180] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0190] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[01A0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[01B0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[01C0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[01D0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[01E0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[01F0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0200] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0210] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0220] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0230] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0240] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0250] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0260] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0270] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0280] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0290] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[02A0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[02B0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[02C0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[02D0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[02E0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[02F0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0300] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0310] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0320] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0330] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0340] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0350] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0360] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0370] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0380] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0390] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[03A0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[03B0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[03C0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[03D0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[03E0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[03F0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
offered : 0x00000400 (1024)
[2014/03/19 16:57:15.147518, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/spoolss/srv_spoolss_nt.c:7697(_spoolss_EnumPrinterDrivers)
_spoolss_EnumPrinterDrivers
[2014/03/19 16:57:15.147683, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_ncacn_np.c:204(make_internal_rpc_pipe_p)
Create pipe requested winreg
[2014/03/19 16:57:15.147801, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:223(init_pipe_handles)
init_pipe_handle_list: created handle list for pipe winreg
[2014/03/19 16:57:15.147901, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:240(init_pipe_handles)
init_pipe_handle_list: pipe_handles ref count = 1 for pipe winreg
[2014/03/19 16:57:15.148072, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_ncacn_np.c:244(make_internal_rpc_pipe_p)
Created internal pipe winreg
[2014/03/19 16:57:15.148254, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug)
winreg_OpenHKLM: struct winreg_OpenHKLM
in: struct winreg_OpenHKLM
system_name : NULL
access_mask : 0x02000000 (33554432)
0: KEY_QUERY_VALUE
0: KEY_SET_VALUE
0: KEY_CREATE_SUB_KEY
0: KEY_ENUMERATE_SUB_KEYS
0: KEY_NOTIFY
0: KEY_CREATE_LINK
0: KEY_WOW64_64KEY
0: KEY_WOW64_32KEY
[2014/03/19 16:57:15.148582, 7, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel)
regkey_open_onelevel: name = [HKLM]
[2014/03/19 16:57:15.148620, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/sec_ctx.c:216(push_sec_ctx)
push_sec_ctx(100000500, 100000513) : sec_ctx_stack_ndx = 2
[2014/03/19 16:57:15.148662, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/uid.c:491(push_conn_ctx)
push_conn_ctx(4269076555) : conn_ctx_stack_ndx = 0
[2014/03/19 16:57:15.148697, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/sec_ctx.c:316(set_sec_ctx)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2
[2014/03/19 16:57:15.148725, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../libcli/security/security_token.c:53(security_token_debug)
Security token: (NULL)
[2014/03/19 16:57:15.148753, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/auth/token_util.c:528(debug_unix_user_token)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
[2014/03/19 16:57:15.148863, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/sec_ctx.c:424(pop_sec_ctx)
pop_sec_ctx (100000500, 100000513) - sec_ctx_stack_ndx = 1
[2014/03/19 16:57:15.148902, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:866(regdb_open)
regdb_open: registry db opened. refcount reset (1)
[2014/03/19 16:57:15.148936, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find)
reghook_cache_find: Searching for keyname [\HKLM]
[2014/03/19 16:57:15.148975, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/lib/adt_tree.c:367(pathtree_find)
pathtree_find: Enter [\HKLM]
[2014/03/19 16:57:15.149070, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/lib/adt_tree.c:440(pathtree_find)
pathtree_find: Exit
[2014/03/19 16:57:15.149104, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find)
reghook_cache_find: found ops 0x7f5ddfbb7800 for key [\HKLM]
[2014/03/19 16:57:15.149172, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:2074(regdb_get_secdesc)
regdb_get_secdesc: Getting secdesc of key [HKLM]
[2014/03/19 16:57:15.149228, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../libcli/security/access_check.c:188(se_access_check)
se_access_check: MAX desired = 0x2000000, granted = 0xf003f, remaining = 0xf003f
[2014/03/19 16:57:15.149264, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:304(create_rpc_handle_internal)
Opened policy hnd[1] [0000] 00 00 00 00 17 00 00 00 00 00 00 00 29 53 5B BE ........ ....)S[.
[0010] 88 60 00 00 .`..
[2014/03/19 16:57:15.149327, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug)
winreg_OpenHKLM: struct winreg_OpenHKLM
out: struct winreg_OpenHKLM
handle : *
handle: struct policy_handle
handle_type : 0x00000000 (0)
uuid : 00000017-0000-0000-2953-5bbe88600000
result : WERR_OK
[2014/03/19 16:57:15.149472, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug)
winreg_OpenKey: struct winreg_OpenKey
in: struct winreg_OpenKey
parent_handle : *
parent_handle: struct policy_handle
handle_type : 0x00000000 (0)
uuid : 00000017-0000-0000-2953-5bbe88600000
keyname: struct winreg_String
name_len : 0x00a4 (164)
name_size : 0x00a4 (164)
name : *
name : 'SYSTEM\CurrentControlSet\Control\Print\Environments\Windows X64\Drivers\Version-0'
options : 0x00000000 (0)
0: REG_OPTION_VOLATILE
0: REG_OPTION_CREATE_LINK
0: REG_OPTION_BACKUP_RESTORE
0: REG_OPTION_OPEN_LINK
access_mask : 0x02000000 (33554432)
0: KEY_QUERY_VALUE
0: KEY_SET_VALUE
0: KEY_CREATE_SUB_KEY
0: KEY_ENUMERATE_SUB_KEYS
0: KEY_NOTIFY
0: KEY_CREATE_LINK
0: KEY_WOW64_64KEY
0: KEY_WOW64_32KEY
[2014/03/19 16:57:15.149780, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal)
Found policy hnd[0] [0000] 00 00 00 00 17 00 00 00 00 00 00 00 29 53 5B BE ........ ....)S[.
[0010] 88 60 00 00 .`..
[2014/03/19 16:57:15.149834, 7, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel)
regkey_open_onelevel: name = [SYSTEM]
[2014/03/19 16:57:15.149864, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:846(regdb_open)
regdb_open: incrementing refcount (1->2)
[2014/03/19 16:57:15.149895, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find)
reghook_cache_find: Searching for keyname [\HKLM\SYSTEM]
[2014/03/19 16:57:15.149935, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/lib/adt_tree.c:367(pathtree_find)
pathtree_find: Enter [\HKLM\SYSTEM]
[2014/03/19 16:57:15.149966, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/lib/adt_tree.c:440(pathtree_find)
pathtree_find: Exit
[2014/03/19 16:57:15.150035, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find)
reghook_cache_find: found ops 0x7f5ddfbb7800 for key [\HKLM\SYSTEM]
[2014/03/19 16:57:15.150098, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:2074(regdb_get_secdesc)
regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM]
[2014/03/19 16:57:15.150143, 7, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel)
regkey_open_onelevel: name = [CurrentControlSet]
[2014/03/19 16:57:15.150175, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:846(regdb_open)
regdb_open: incrementing refcount (2->3)
[2014/03/19 16:57:15.150205, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find)
reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet]
[2014/03/19 16:57:15.150245, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/lib/adt_tree.c:367(pathtree_find)
pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet]
[2014/03/19 16:57:15.150275, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/lib/adt_tree.c:440(pathtree_find)
pathtree_find: Exit
[2014/03/19 16:57:15.150304, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find)
reghook_cache_find: found ops 0x7f5ddfbb7800 for key [\HKLM\SYSTEM\CurrentControlSet]
[2014/03/19 16:57:15.150350, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:2074(regdb_get_secdesc)
regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM\CurrentControlSet]
[2014/03/19 16:57:15.150413, 7, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel)
regkey_open_onelevel: name = [Control]
[2014/03/19 16:57:15.150451, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:846(regdb_open)
regdb_open: incrementing refcount (3->4)
[2014/03/19 16:57:15.150483, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find)
reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Control]
[2014/03/19 16:57:15.150511, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/lib/adt_tree.c:367(pathtree_find)
pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Control]
[2014/03/19 16:57:15.150543, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/lib/adt_tree.c:440(pathtree_find)
pathtree_find: Exit
[2014/03/19 16:57:15.150572, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find)
reghook_cache_find: found ops 0x7f5ddfbb7800 for key [\HKLM\SYSTEM\CurrentControlSet\Control]
[2014/03/19 16:57:15.150617, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:2074(regdb_get_secdesc)
regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM\CurrentControlSet\Control]
[2014/03/19 16:57:15.150660, 7, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel)
regkey_open_onelevel: name = [Print]
[2014/03/19 16:57:15.150692, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:846(regdb_open)
regdb_open: incrementing refcount (4->5)
[2014/03/19 16:57:15.150734, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find)
reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Control\Print]
[2014/03/19 16:57:15.150762, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/lib/adt_tree.c:367(pathtree_find)
pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Control\Print]
[2014/03/19 16:57:15.150792, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/lib/adt_tree.c:440(pathtree_find)
pathtree_find: Exit
[2014/03/19 16:57:15.150820, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find)
reghook_cache_find: found ops 0x7f5ddfbb7800 for key [\HKLM\SYSTEM\CurrentControlSet\Control\Print]
[2014/03/19 16:57:15.150876, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:2074(regdb_get_secdesc)
regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM\CurrentControlSet\Control\Print]
[2014/03/19 16:57:15.150922, 7, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel)
regkey_open_onelevel: name = [Environments]
[2014/03/19 16:57:15.150954, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:846(regdb_open)
regdb_open: incrementing refcount (5->6)
[2014/03/19 16:57:15.150984, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find)
reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Control\Print\Environments]
[2014/03/19 16:57:15.151039, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/lib/adt_tree.c:367(pathtree_find)
pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Control\Print\Environments]
[2014/03/19 16:57:15.151078, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/lib/adt_tree.c:440(pathtree_find)
pathtree_find: Exit
[2014/03/19 16:57:15.151122, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find)
reghook_cache_find: found ops 0x7f5ddfbb7800 for key [\HKLM\SYSTEM\CurrentControlSet\Control\Print\Environments]
[2014/03/19 16:57:15.151179, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:2074(regdb_get_secdesc)
regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM\CurrentControlSet\Control\Print\Environments]
[2014/03/19 16:57:15.151225, 7, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel)
regkey_open_onelevel: name = [Windows X64]
[2014/03/19 16:57:15.151257, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:846(regdb_open)
regdb_open: incrementing refcount (6->7)
[2014/03/19 16:57:15.151287, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find)
reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Control\Print\Environments\Windows X64]
[2014/03/19 16:57:15.151317, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/lib/adt_tree.c:367(pathtree_find)
pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Control\Print\Environments\Windows X64]
[2014/03/19 16:57:15.151351, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/lib/adt_tree.c:440(pathtree_find)
pathtree_find: Exit
[2014/03/19 16:57:15.151382, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find)
reghook_cache_find: found ops 0x7f5ddfbb7800 for key [\HKLM\SYSTEM\CurrentControlSet\Control\Print\Environments\Windows X64]
[2014/03/19 16:57:15.151417, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:1725(regdb_fetch_keys_internal)
key [HKLM\SYSTEM\CurrentControlSet\Control\Print\Environments\Windows X64] not found
[2014/03/19 16:57:15.151448, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:883(regdb_close)
regdb_close: decrementing refcount (7->6)
[2014/03/19 16:57:15.151487, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:883(regdb_close)
regdb_close: decrementing refcount (6->5)
[2014/03/19 16:57:15.151518, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:883(regdb_close)
regdb_close: decrementing refcount (5->4)
[2014/03/19 16:57:15.151547, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:883(regdb_close)
regdb_close: decrementing refcount (4->3)
[2014/03/19 16:57:15.151576, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:883(regdb_close)
regdb_close: decrementing refcount (3->2)
[2014/03/19 16:57:15.151604, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:883(regdb_close)
regdb_close: decrementing refcount (2->1)
[2014/03/19 16:57:15.151633, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug)
winreg_OpenKey: struct winreg_OpenKey
out: struct winreg_OpenKey
handle : *
handle: struct policy_handle
handle_type : 0x00000000 (0)
uuid : 00000000-0000-0000-0000-000000000000
result : WERR_BADFILE
[2014/03/19 16:57:15.151761, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug)
winreg_CloseKey: struct winreg_CloseKey
in: struct winreg_CloseKey
handle : *
handle: struct policy_handle
handle_type : 0x00000000 (0)
uuid : 00000017-0000-0000-2953-5bbe88600000
[2014/03/19 16:57:15.151860, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal)
Found policy hnd[0] [0000] 00 00 00 00 17 00 00 00 00 00 00 00 29 53 5B BE ........ ....)S[.
[0010] 88 60 00 00 .`..
[2014/03/19 16:57:15.151911, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal)
Found policy hnd[0] [0000] 00 00 00 00 17 00 00 00 00 00 00 00 29 53 5B BE ........ ....)S[.
[0010] 88 60 00 00 .`..
[2014/03/19 16:57:15.151983, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:388(close_policy_hnd)
Closed policy
[2014/03/19 16:57:15.152057, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:883(regdb_close)
regdb_close: decrementing refcount (1->0)
[2014/03/19 16:57:15.152097, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug)
winreg_CloseKey: struct winreg_CloseKey
out: struct winreg_CloseKey
handle : *
handle: struct policy_handle
handle_type : 0x00000000 (0)
uuid : 00000000-0000-0000-0000-000000000000
result : WERR_OK
[2014/03/19 16:57:15.152214, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/rpc_client/cli_winreg_spoolss.c:3897(winreg_get_driver_list)
winreg_get_driver_list: Could not open key (Windows X64,0): WERR_BADFILE
[2014/03/19 16:57:15.152246, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/spoolss/srv_spoolss_nt.c:7548(enumprinterdrivers_level_by_architecture)
we have:[0] drivers in environment [Windows X64] and version [0]
[2014/03/19 16:57:15.152304, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug)
winreg_OpenHKLM: struct winreg_OpenHKLM
in: struct winreg_OpenHKLM
system_name : NULL
access_mask : 0x02000000 (33554432)
0: KEY_QUERY_VALUE
0: KEY_SET_VALUE
0: KEY_CREATE_SUB_KEY
0: KEY_ENUMERATE_SUB_KEYS
0: KEY_NOTIFY
0: KEY_CREATE_LINK
0: KEY_WOW64_64KEY
0: KEY_WOW64_32KEY
[2014/03/19 16:57:15.152500, 7, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel)
regkey_open_onelevel: name = [HKLM]
[2014/03/19 16:57:15.152530, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/sec_ctx.c:216(push_sec_ctx)
push_sec_ctx(100000500, 100000513) : sec_ctx_stack_ndx = 2
[2014/03/19 16:57:15.152559, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/uid.c:491(push_conn_ctx)
push_conn_ctx(4269076555) : conn_ctx_stack_ndx = 0
[2014/03/19 16:57:15.152597, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/sec_ctx.c:316(set_sec_ctx)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2
[2014/03/19 16:57:15.152629, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../libcli/security/security_token.c:53(security_token_debug)
Security token: (NULL)
[2014/03/19 16:57:15.152668, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/auth/token_util.c:528(debug_unix_user_token)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
[2014/03/19 16:57:15.152757, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/sec_ctx.c:424(pop_sec_ctx)
pop_sec_ctx (100000500, 100000513) - sec_ctx_stack_ndx = 1
[2014/03/19 16:57:15.152787, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:866(regdb_open)
regdb_open: registry db opened. refcount reset (1)
[2014/03/19 16:57:15.152827, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find)
reghook_cache_find: Searching for keyname [\HKLM]
[2014/03/19 16:57:15.152853, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/lib/adt_tree.c:367(pathtree_find)
pathtree_find: Enter [\HKLM]
[2014/03/19 16:57:15.152879, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/lib/adt_tree.c:440(pathtree_find)
pathtree_find: Exit
[2014/03/19 16:57:15.152915, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find)
reghook_cache_find: found ops 0x7f5ddfbb7800 for key [\HKLM]
[2014/03/19 16:57:15.152957, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:2074(regdb_get_secdesc)
regdb_get_secdesc: Getting secdesc of key [HKLM]
[2014/03/19 16:57:15.153066, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../libcli/security/access_check.c:188(se_access_check)
se_access_check: MAX desired = 0x2000000, granted = 0xf003f, remaining = 0xf003f
[2014/03/19 16:57:15.153106, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:304(create_rpc_handle_internal)
Opened policy hnd[1] [0000] 00 00 00 00 18 00 00 00 00 00 00 00 29 53 5B BE ........ ....)S[.
[0010] 88 60 00 00 .`..
[2014/03/19 16:57:15.153168, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug)
winreg_OpenHKLM: struct winreg_OpenHKLM
out: struct winreg_OpenHKLM
handle : *
handle: struct policy_handle
handle_type : 0x00000000 (0)
uuid : 00000018-0000-0000-2953-5bbe88600000
result : WERR_OK
[2014/03/19 16:57:15.153291, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug)
winreg_OpenKey: struct winreg_OpenKey
in: struct winreg_OpenKey
parent_handle : *
parent_handle: struct policy_handle
handle_type : 0x00000000 (0)
uuid : 00000018-0000-0000-2953-5bbe88600000
keyname: struct winreg_String
name_len : 0x00a4 (164)
name_size : 0x00a4 (164)
name : *
name : 'SYSTEM\CurrentControlSet\Control\Print\Environments\Windows X64\Drivers\Version-1'
options : 0x00000000 (0)
0: REG_OPTION_VOLATILE
0: REG_OPTION_CREATE_LINK
0: REG_OPTION_BACKUP_RESTORE
0: REG_OPTION_OPEN_LINK
access_mask : 0x02000000 (33554432)
0: KEY_QUERY_VALUE
0: KEY_SET_VALUE
0: KEY_CREATE_SUB_KEY
0: KEY_ENUMERATE_SUB_KEYS
0: KEY_NOTIFY
0: KEY_CREATE_LINK
0: KEY_WOW64_64KEY
0: KEY_WOW64_32KEY
[2014/03/19 16:57:15.153609, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal)
Found policy hnd[0] [0000] 00 00 00 00 18 00 00 00 00 00 00 00 29 53 5B BE ........ ....)S[.
[0010] 88 60 00 00 .`..
[2014/03/19 16:57:15.153661, 7, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel)
regkey_open_onelevel: name = [SYSTEM]
[2014/03/19 16:57:15.153691, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:846(regdb_open)
regdb_open: incrementing refcount (1->2)
[2014/03/19 16:57:15.153742, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find)
reghook_cache_find: Searching for keyname [\HKLM\SYSTEM]
[2014/03/19 16:57:15.153772, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/lib/adt_tree.c:367(pathtree_find)
pathtree_find: Enter [\HKLM\SYSTEM]
[2014/03/19 16:57:15.153801, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/lib/adt_tree.c:440(pathtree_find)
pathtree_find: Exit
[2014/03/19 16:57:15.153829, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find)
reghook_cache_find: found ops 0x7f5ddfbb7800 for key [\HKLM\SYSTEM]
[2014/03/19 16:57:15.153880, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:2074(regdb_get_secdesc)
regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM]
[2014/03/19 16:57:15.153922, 7, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel)
regkey_open_onelevel: name = [CurrentControlSet]
[2014/03/19 16:57:15.153954, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:846(regdb_open)
regdb_open: incrementing refcount (2->3)
[2014/03/19 16:57:15.153984, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find)
reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet]
[2014/03/19 16:57:15.154034, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/lib/adt_tree.c:367(pathtree_find)
pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet]
[2014/03/19 16:57:15.154068, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/lib/adt_tree.c:440(pathtree_find)
pathtree_find: Exit
[2014/03/19 16:57:15.154096, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find)
reghook_cache_find: found ops 0x7f5ddfbb7800 for key [\HKLM\SYSTEM\CurrentControlSet]
[2014/03/19 16:57:15.154140, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:2074(regdb_get_secdesc)
regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM\CurrentControlSet]
[2014/03/19 16:57:15.154194, 7, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel)
regkey_open_onelevel: name = [Control]
[2014/03/19 16:57:15.154226, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:846(regdb_open)
regdb_open: incrementing refcount (3->4)
[2014/03/19 16:57:15.154261, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find)
reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Control]
[2014/03/19 16:57:15.154290, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/lib/adt_tree.c:367(pathtree_find)
pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Control]
[2014/03/19 16:57:15.154325, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/lib/adt_tree.c:440(pathtree_find)
pathtree_find: Exit
[2014/03/19 16:57:15.154357, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find)
reghook_cache_find: found ops 0x7f5ddfbb7800 for key [\HKLM\SYSTEM\CurrentControlSet\Control]
[2014/03/19 16:57:15.154403, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:2074(regdb_get_secdesc)
regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM\CurrentControlSet\Control]
[2014/03/19 16:57:15.154447, 7, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel)
regkey_open_onelevel: name = [Print]
[2014/03/19 16:57:15.154492, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:846(regdb_open)
regdb_open: incrementing refcount (4->5)
[2014/03/19 16:57:15.154525, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find)
reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Control\Print]
[2014/03/19 16:57:15.154554, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/lib/adt_tree.c:367(pathtree_find)
pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Control\Print]
[2014/03/19 16:57:15.154585, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/lib/adt_tree.c:440(pathtree_find)
pathtree_find: Exit
[2014/03/19 16:57:15.154615, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find)
reghook_cache_find: found ops 0x7f5ddfbb7800 for key [\HKLM\SYSTEM\CurrentControlSet\Control\Print]
[2014/03/19 16:57:15.154673, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:2074(regdb_get_secdesc)
regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM\CurrentControlSet\Control\Print]
[2014/03/19 16:57:15.154718, 7, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel)
regkey_open_onelevel: name = [Environments]
[2014/03/19 16:57:15.154751, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:846(regdb_open)
regdb_open: incrementing refcount (5->6)
[2014/03/19 16:57:15.154783, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find)
reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Control\Print\Environments]
[2014/03/19 16:57:15.154824, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/lib/adt_tree.c:367(pathtree_find)
pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Control\Print\Environments]
[2014/03/19 16:57:15.154857, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/lib/adt_tree.c:440(pathtree_find)
pathtree_find: Exit
[2014/03/19 16:57:15.154886, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find)
reghook_cache_find: found ops 0x7f5ddfbb7800 for key [\HKLM\SYSTEM\CurrentControlSet\Control\Print\Environments]
[2014/03/19 16:57:15.154935, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:2074(regdb_get_secdesc)
regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM\CurrentControlSet\Control\Print\Environments]
[2014/03/19 16:57:15.154991, 7, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel)
regkey_open_onelevel: name = [Windows X64]
[2014/03/19 16:57:15.155037, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:846(regdb_open)
regdb_open: incrementing refcount (6->7)
[2014/03/19 16:57:15.155078, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find)
reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Control\Print\Environments\Windows X64]
[2014/03/19 16:57:15.155118, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/lib/adt_tree.c:367(pathtree_find)
pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Control\Print\Environments\Windows X64]
[2014/03/19 16:57:15.155151, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/lib/adt_tree.c:440(pathtree_find)
pathtree_find: Exit
[2014/03/19 16:57:15.155181, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find)
reghook_cache_find: found ops 0x7f5ddfbb7800 for key [\HKLM\SYSTEM\CurrentControlSet\Control\Print\Environments\Windows X64]
[2014/03/19 16:57:15.155218, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:1725(regdb_fetch_keys_internal)
key [HKLM\SYSTEM\CurrentControlSet\Control\Print\Environments\Windows X64] not found
[2014/03/19 16:57:15.155249, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:883(regdb_close)
regdb_close: decrementing refcount (7->6)
[2014/03/19 16:57:15.155290, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:883(regdb_close)
regdb_close: decrementing refcount (6->5)
[2014/03/19 16:57:15.155322, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:883(regdb_close)
regdb_close: decrementing refcount (5->4)
[2014/03/19 16:57:15.155366, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:883(regdb_close)
regdb_close: decrementing refcount (4->3)
[2014/03/19 16:57:15.155397, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:883(regdb_close)
regdb_close: decrementing refcount (3->2)
[2014/03/19 16:57:15.155427, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:883(regdb_close)
regdb_close: decrementing refcount (2->1)
[2014/03/19 16:57:15.155468, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug)
winreg_OpenKey: struct winreg_OpenKey
out: struct winreg_OpenKey
handle : *
handle: struct policy_handle
handle_type : 0x00000000 (0)
uuid : 00000000-0000-0000-0000-000000000000
result : WERR_BADFILE
[2014/03/19 16:57:15.155579, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug)
winreg_CloseKey: struct winreg_CloseKey
in: struct winreg_CloseKey
handle : *
handle: struct policy_handle
handle_type : 0x00000000 (0)
uuid : 00000018-0000-0000-2953-5bbe88600000
[2014/03/19 16:57:15.155687, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal)
Found policy hnd[0] [0000] 00 00 00 00 18 00 00 00 00 00 00 00 29 53 5B BE ........ ....)S[.
[0010] 88 60 00 00 .`..
[2014/03/19 16:57:15.155740, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal)
Found policy hnd[0] [0000] 00 00 00 00 18 00 00 00 00 00 00 00 29 53 5B BE ........ ....)S[.
[0010] 88 60 00 00 .`..
[2014/03/19 16:57:15.155803, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:388(close_policy_hnd)
Closed policy
[2014/03/19 16:57:15.155833, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:883(regdb_close)
regdb_close: decrementing refcount (1->0)
[2014/03/19 16:57:15.155872, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug)
winreg_CloseKey: struct winreg_CloseKey
out: struct winreg_CloseKey
handle : *
handle: struct policy_handle
handle_type : 0x00000000 (0)
uuid : 00000000-0000-0000-0000-000000000000
result : WERR_OK
[2014/03/19 16:57:15.156041, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/rpc_client/cli_winreg_spoolss.c:3897(winreg_get_driver_list)
winreg_get_driver_list: Could not open key (Windows X64,1): WERR_BADFILE
[2014/03/19 16:57:15.156084, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/spoolss/srv_spoolss_nt.c:7548(enumprinterdrivers_level_by_architecture)
we have:[0] drivers in environment [Windows X64] and version [1]
[2014/03/19 16:57:15.156135, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug)
winreg_OpenHKLM: struct winreg_OpenHKLM
in: struct winreg_OpenHKLM
system_name : NULL
access_mask : 0x02000000 (33554432)
0: KEY_QUERY_VALUE
0: KEY_SET_VALUE
0: KEY_CREATE_SUB_KEY
0: KEY_ENUMERATE_SUB_KEYS
0: KEY_NOTIFY
0: KEY_CREATE_LINK
0: KEY_WOW64_64KEY
0: KEY_WOW64_32KEY
[2014/03/19 16:57:15.156280, 7, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel)
regkey_open_onelevel: name = [HKLM]
[2014/03/19 16:57:15.156324, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/sec_ctx.c:216(push_sec_ctx)
push_sec_ctx(100000500, 100000513) : sec_ctx_stack_ndx = 2
[2014/03/19 16:57:15.156356, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/uid.c:491(push_conn_ctx)
push_conn_ctx(4269076555) : conn_ctx_stack_ndx = 0
[2014/03/19 16:57:15.156401, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/sec_ctx.c:316(set_sec_ctx)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2
[2014/03/19 16:57:15.156431, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../libcli/security/security_token.c:53(security_token_debug)
Security token: (NULL)
[2014/03/19 16:57:15.156478, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/auth/token_util.c:528(debug_unix_user_token)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
[2014/03/19 16:57:15.156557, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/sec_ctx.c:424(pop_sec_ctx)
pop_sec_ctx (100000500, 100000513) - sec_ctx_stack_ndx = 1
[2014/03/19 16:57:15.156592, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:866(regdb_open)
regdb_open: registry db opened. refcount reset (1)
[2014/03/19 16:57:15.156634, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find)
reghook_cache_find: Searching for keyname [\HKLM]
[2014/03/19 16:57:15.156666, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/lib/adt_tree.c:367(pathtree_find)
pathtree_find: Enter [\HKLM]
[2014/03/19 16:57:15.156697, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/lib/adt_tree.c:440(pathtree_find)
pathtree_find: Exit
[2014/03/19 16:57:15.156725, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find)
reghook_cache_find: found ops 0x7f5ddfbb7800 for key [\HKLM]
[2014/03/19 16:57:15.156773, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:2074(regdb_get_secdesc)
regdb_get_secdesc: Getting secdesc of key [HKLM]
[2014/03/19 16:57:15.156830, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../libcli/security/access_check.c:188(se_access_check)
se_access_check: MAX desired = 0x2000000, granted = 0xf003f, remaining = 0xf003f
[2014/03/19 16:57:15.156867, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:304(create_rpc_handle_internal)
Opened policy hnd[1] [0000] 00 00 00 00 19 00 00 00 00 00 00 00 29 53 5B BE ........ ....)S[.
[0010] 88 60 00 00 .`..
[2014/03/19 16:57:15.156920, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug)
winreg_OpenHKLM: struct winreg_OpenHKLM
out: struct winreg_OpenHKLM
handle : *
handle: struct policy_handle
handle_type : 0x00000000 (0)
uuid : 00000019-0000-0000-2953-5bbe88600000
result : WERR_OK
[2014/03/19 16:57:15.157860, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug)
winreg_OpenKey: struct winreg_OpenKey
in: struct winreg_OpenKey
parent_handle : *
parent_handle: struct policy_handle
handle_type : 0x00000000 (0)
uuid : 00000019-0000-0000-2953-5bbe88600000
keyname: struct winreg_String
name_len : 0x00a4 (164)
name_size : 0x00a4 (164)
name : *
name : 'SYSTEM\CurrentControlSet\Control\Print\Environments\Windows X64\Drivers\Version-2'
options : 0x00000000 (0)
0: REG_OPTION_VOLATILE
0: REG_OPTION_CREATE_LINK
0: REG_OPTION_BACKUP_RESTORE
0: REG_OPTION_OPEN_LINK
access_mask : 0x02000000 (33554432)
0: KEY_QUERY_VALUE
0: KEY_SET_VALUE
0: KEY_CREATE_SUB_KEY
0: KEY_ENUMERATE_SUB_KEYS
0: KEY_NOTIFY
0: KEY_CREATE_LINK
0: KEY_WOW64_64KEY
0: KEY_WOW64_32KEY
[2014/03/19 16:57:15.158215, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal)
Found policy hnd[0] [0000] 00 00 00 00 19 00 00 00 00 00 00 00 29 53 5B BE ........ ....)S[.
[0010] 88 60 00 00 .`..
[2014/03/19 16:57:15.158272, 7, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel)
regkey_open_onelevel: name = [SYSTEM]
[2014/03/19 16:57:15.158303, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:846(regdb_open)
regdb_open: incrementing refcount (1->2)
[2014/03/19 16:57:15.158347, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find)
reghook_cache_find: Searching for keyname [\HKLM\SYSTEM]
[2014/03/19 16:57:15.158378, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/lib/adt_tree.c:367(pathtree_find)
pathtree_find: Enter [\HKLM\SYSTEM]
[2014/03/19 16:57:15.158409, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/lib/adt_tree.c:440(pathtree_find)
pathtree_find: Exit
[2014/03/19 16:57:15.158438, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find)
reghook_cache_find: found ops 0x7f5ddfbb7800 for key [\HKLM\SYSTEM]
[2014/03/19 16:57:15.158483, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:2074(regdb_get_secdesc)
regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM]
[2014/03/19 16:57:15.158530, 7, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel)
regkey_open_onelevel: name = [CurrentControlSet]
[2014/03/19 16:57:15.158563, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:846(regdb_open)
regdb_open: incrementing refcount (2->3)
[2014/03/19 16:57:15.158595, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find)
reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet]
[2014/03/19 16:57:15.158625, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/lib/adt_tree.c:367(pathtree_find)
pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet]
[2014/03/19 16:57:15.158666, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/lib/adt_tree.c:440(pathtree_find)
pathtree_find: Exit
[2014/03/19 16:57:15.158697, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find)
reghook_cache_find: found ops 0x7f5ddfbb7800 for key [\HKLM\SYSTEM\CurrentControlSet]
[2014/03/19 16:57:15.158744, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:2074(regdb_get_secdesc)
regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM\CurrentControlSet]
[2014/03/19 16:57:15.158789, 7, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel)
regkey_open_onelevel: name = [Control]
[2014/03/19 16:57:15.158833, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:846(regdb_open)
regdb_open: incrementing refcount (3->4)
[2014/03/19 16:57:15.158866, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find)
reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Control]
[2014/03/19 16:57:15.158901, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/lib/adt_tree.c:367(pathtree_find)
pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Control]
[2014/03/19 16:57:15.158933, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/lib/adt_tree.c:440(pathtree_find)
pathtree_find: Exit
[2014/03/19 16:57:15.158962, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find)
reghook_cache_find: found ops 0x7f5ddfbb7800 for key [\HKLM\SYSTEM\CurrentControlSet\Control]
[2014/03/19 16:57:15.159037, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:2074(regdb_get_secdesc)
regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM\CurrentControlSet\Control]
[2014/03/19 16:57:15.159090, 7, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel)
regkey_open_onelevel: name = [Print]
[2014/03/19 16:57:15.159125, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:846(regdb_open)
regdb_open: incrementing refcount (4->5)
[2014/03/19 16:57:15.159182, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find)
reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Control\Print]
[2014/03/19 16:57:15.159213, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/lib/adt_tree.c:367(pathtree_find)
pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Control\Print]
[2014/03/19 16:57:15.159244, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/lib/adt_tree.c:440(pathtree_find)
pathtree_find: Exit
[2014/03/19 16:57:15.159274, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find)
reghook_cache_find: found ops 0x7f5ddfbb7800 for key [\HKLM\SYSTEM\CurrentControlSet\Control\Print]
[2014/03/19 16:57:15.159335, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:2074(regdb_get_secdesc)
regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM\CurrentControlSet\Control\Print]
[2014/03/19 16:57:15.159383, 7, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel)
regkey_open_onelevel: name = [Environments]
[2014/03/19 16:57:15.159416, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:846(regdb_open)
regdb_open: incrementing refcount (5->6)
[2014/03/19 16:57:15.159448, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find)
reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Control\Print\Environments]
[2014/03/19 16:57:15.159491, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/lib/adt_tree.c:367(pathtree_find)
pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Control\Print\Environments]
[2014/03/19 16:57:15.159523, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/lib/adt_tree.c:440(pathtree_find)
pathtree_find: Exit
[2014/03/19 16:57:15.159553, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find)
reghook_cache_find: found ops 0x7f5ddfbb7800 for key [\HKLM\SYSTEM\CurrentControlSet\Control\Print\Environments]
[2014/03/19 16:57:15.159602, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:2074(regdb_get_secdesc)
regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM\CurrentControlSet\Control\Print\Environments]
[2014/03/19 16:57:15.159661, 7, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel)
regkey_open_onelevel: name = [Windows X64]
[2014/03/19 16:57:15.159695, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:846(regdb_open)
regdb_open: incrementing refcount (6->7)
[2014/03/19 16:57:15.159728, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find)
reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Control\Print\Environments\Windows X64]
[2014/03/19 16:57:15.159758, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/lib/adt_tree.c:367(pathtree_find)
pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Control\Print\Environments\Windows X64]
[2014/03/19 16:57:15.159790, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/lib/adt_tree.c:440(pathtree_find)
pathtree_find: Exit
[2014/03/19 16:57:15.159830, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find)
reghook_cache_find: found ops 0x7f5ddfbb7800 for key [\HKLM\SYSTEM\CurrentControlSet\Control\Print\Environments\Windows X64]
[2014/03/19 16:57:15.159868, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:1725(regdb_fetch_keys_internal)
key [HKLM\SYSTEM\CurrentControlSet\Control\Print\Environments\Windows X64] not found
[2014/03/19 16:57:15.159900, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:883(regdb_close)
regdb_close: decrementing refcount (7->6)
[2014/03/19 16:57:15.159931, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:883(regdb_close)
regdb_close: decrementing refcount (6->5)
[2014/03/19 16:57:15.159961, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:883(regdb_close)
regdb_close: decrementing refcount (5->4)
[2014/03/19 16:57:15.160039, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:883(regdb_close)
regdb_close: decrementing refcount (4->3)
[2014/03/19 16:57:15.160079, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:883(regdb_close)
regdb_close: decrementing refcount (3->2)
[2014/03/19 16:57:15.160111, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:883(regdb_close)
regdb_close: decrementing refcount (2->1)
[2014/03/19 16:57:15.160154, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug)
winreg_OpenKey: struct winreg_OpenKey
out: struct winreg_OpenKey
handle : *
handle: struct policy_handle
handle_type : 0x00000000 (0)
uuid : 00000000-0000-0000-0000-000000000000
result : WERR_BADFILE
[2014/03/19 16:57:15.160284, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug)
winreg_CloseKey: struct winreg_CloseKey
in: struct winreg_CloseKey
handle : *
handle: struct policy_handle
handle_type : 0x00000000 (0)
uuid : 00000019-0000-0000-2953-5bbe88600000
[2014/03/19 16:57:15.160390, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal)
Found policy hnd[0] [0000] 00 00 00 00 19 00 00 00 00 00 00 00 29 53 5B BE ........ ....)S[.
[0010] 88 60 00 00 .`..
[2014/03/19 16:57:15.160444, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal)
Found policy hnd[0] [0000] 00 00 00 00 19 00 00 00 00 00 00 00 29 53 5B BE ........ ....)S[.
[0010] 88 60 00 00 .`..
[2014/03/19 16:57:15.160507, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:388(close_policy_hnd)
Closed policy
[2014/03/19 16:57:15.160538, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:883(regdb_close)
regdb_close: decrementing refcount (1->0)
[2014/03/19 16:57:15.160576, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug)
winreg_CloseKey: struct winreg_CloseKey
out: struct winreg_CloseKey
handle : *
handle: struct policy_handle
handle_type : 0x00000000 (0)
uuid : 00000000-0000-0000-0000-000000000000
result : WERR_OK
[2014/03/19 16:57:15.160697, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/rpc_client/cli_winreg_spoolss.c:3897(winreg_get_driver_list)
winreg_get_driver_list: Could not open key (Windows X64,2): WERR_BADFILE
[2014/03/19 16:57:15.160732, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/spoolss/srv_spoolss_nt.c:7548(enumprinterdrivers_level_by_architecture)
we have:[0] drivers in environment [Windows X64] and version [2]
[2014/03/19 16:57:15.160770, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug)
winreg_OpenHKLM: struct winreg_OpenHKLM
in: struct winreg_OpenHKLM
system_name : NULL
access_mask : 0x02000000 (33554432)
0: KEY_QUERY_VALUE
0: KEY_SET_VALUE
0: KEY_CREATE_SUB_KEY
0: KEY_ENUMERATE_SUB_KEYS
0: KEY_NOTIFY
0: KEY_CREATE_LINK
0: KEY_WOW64_64KEY
0: KEY_WOW64_32KEY
[2014/03/19 16:57:15.160928, 7, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel)
regkey_open_onelevel: name = [HKLM]
[2014/03/19 16:57:15.160962, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/sec_ctx.c:216(push_sec_ctx)
push_sec_ctx(100000500, 100000513) : sec_ctx_stack_ndx = 2
[2014/03/19 16:57:15.161073, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/uid.c:491(push_conn_ctx)
push_conn_ctx(4269076555) : conn_ctx_stack_ndx = 0
[2014/03/19 16:57:15.161114, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/sec_ctx.c:316(set_sec_ctx)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2
[2014/03/19 16:57:15.161157, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../libcli/security/security_token.c:53(security_token_debug)
Security token: (NULL)
[2014/03/19 16:57:15.161187, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/auth/token_util.c:528(debug_unix_user_token)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
[2014/03/19 16:57:15.161285, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/sec_ctx.c:424(pop_sec_ctx)
pop_sec_ctx (100000500, 100000513) - sec_ctx_stack_ndx = 1
[2014/03/19 16:57:15.161330, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:866(regdb_open)
regdb_open: registry db opened. refcount reset (1)
[2014/03/19 16:57:15.161362, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find)
reghook_cache_find: Searching for keyname [\HKLM]
[2014/03/19 16:57:15.161392, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/lib/adt_tree.c:367(pathtree_find)
pathtree_find: Enter [\HKLM]
[2014/03/19 16:57:15.161422, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/lib/adt_tree.c:440(pathtree_find)
pathtree_find: Exit
[2014/03/19 16:57:15.161451, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find)
reghook_cache_find: found ops 0x7f5ddfbb7800 for key [\HKLM]
[2014/03/19 16:57:15.161510, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:2074(regdb_get_secdesc)
regdb_get_secdesc: Getting secdesc of key [HKLM]
[2014/03/19 16:57:15.161554, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../libcli/security/access_check.c:188(se_access_check)
se_access_check: MAX desired = 0x2000000, granted = 0xf003f, remaining = 0xf003f
[2014/03/19 16:57:15.161589, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:304(create_rpc_handle_internal)
Opened policy hnd[1] [0000] 00 00 00 00 1A 00 00 00 00 00 00 00 29 53 5B BE ........ ....)S[.
[0010] 88 60 00 00 .`..
[2014/03/19 16:57:15.161655, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug)
winreg_OpenHKLM: struct winreg_OpenHKLM
out: struct winreg_OpenHKLM
handle : *
handle: struct policy_handle
handle_type : 0x00000000 (0)
uuid : 0000001a-0000-0000-2953-5bbe88600000
result : WERR_OK
[2014/03/19 16:57:15.161770, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug)
winreg_OpenKey: struct winreg_OpenKey
in: struct winreg_OpenKey
parent_handle : *
parent_handle: struct policy_handle
handle_type : 0x00000000 (0)
uuid : 0000001a-0000-0000-2953-5bbe88600000
keyname: struct winreg_String
name_len : 0x00a4 (164)
name_size : 0x00a4 (164)
name : *
name : 'SYSTEM\CurrentControlSet\Control\Print\Environments\Windows X64\Drivers\Version-3'
options : 0x00000000 (0)
0: REG_OPTION_VOLATILE
0: REG_OPTION_CREATE_LINK
0: REG_OPTION_BACKUP_RESTORE
0: REG_OPTION_OPEN_LINK
access_mask : 0x02000000 (33554432)
0: KEY_QUERY_VALUE
0: KEY_SET_VALUE
0: KEY_CREATE_SUB_KEY
0: KEY_ENUMERATE_SUB_KEYS
0: KEY_NOTIFY
0: KEY_CREATE_LINK
0: KEY_WOW64_64KEY
0: KEY_WOW64_32KEY
[2014/03/19 16:57:15.162121, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal)
Found policy hnd[0] [0000] 00 00 00 00 1A 00 00 00 00 00 00 00 29 53 5B BE ........ ....)S[.
[0010] 88 60 00 00 .`..
[2014/03/19 16:57:15.162178, 7, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel)
regkey_open_onelevel: name = [SYSTEM]
[2014/03/19 16:57:15.162209, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:846(regdb_open)
regdb_open: incrementing refcount (1->2)
[2014/03/19 16:57:15.162264, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find)
reghook_cache_find: Searching for keyname [\HKLM\SYSTEM]
[2014/03/19 16:57:15.162296, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/lib/adt_tree.c:367(pathtree_find)
pathtree_find: Enter [\HKLM\SYSTEM]
[2014/03/19 16:57:15.162327, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/lib/adt_tree.c:440(pathtree_find)
pathtree_find: Exit
[2014/03/19 16:57:15.162356, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find)
reghook_cache_find: found ops 0x7f5ddfbb7800 for key [\HKLM\SYSTEM]
[2014/03/19 16:57:15.162400, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:2074(regdb_get_secdesc)
regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM]
[2014/03/19 16:57:15.162459, 7, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel)
regkey_open_onelevel: name = [CurrentControlSet]
[2014/03/19 16:57:15.162493, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:846(regdb_open)
regdb_open: incrementing refcount (2->3)
[2014/03/19 16:57:15.162525, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find)
reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet]
[2014/03/19 16:57:15.162554, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/lib/adt_tree.c:367(pathtree_find)
pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet]
[2014/03/19 16:57:15.162586, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/lib/adt_tree.c:440(pathtree_find)
pathtree_find: Exit
[2014/03/19 16:57:15.162616, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find)
reghook_cache_find: found ops 0x7f5ddfbb7800 for key [\HKLM\SYSTEM\CurrentControlSet]
[2014/03/19 16:57:15.162663, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:2074(regdb_get_secdesc)
regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM\CurrentControlSet]
[2014/03/19 16:57:15.162709, 7, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel)
regkey_open_onelevel: name = [Control]
[2014/03/19 16:57:15.162767, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:846(regdb_open)
regdb_open: incrementing refcount (3->4)
[2014/03/19 16:57:15.162802, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find)
reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Control]
[2014/03/19 16:57:15.162836, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/lib/adt_tree.c:367(pathtree_find)
pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Control]
[2014/03/19 16:57:15.162868, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/lib/adt_tree.c:440(pathtree_find)
pathtree_find: Exit
[2014/03/19 16:57:15.162898, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find)
reghook_cache_find: found ops 0x7f5ddfbb7800 for key [\HKLM\SYSTEM\CurrentControlSet\Control]
[2014/03/19 16:57:15.162957, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:2074(regdb_get_secdesc)
regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM\CurrentControlSet\Control]
[2014/03/19 16:57:15.163038, 7, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel)
regkey_open_onelevel: name = [Print]
[2014/03/19 16:57:15.163088, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:846(regdb_open)
regdb_open: incrementing refcount (4->5)
[2014/03/19 16:57:15.163122, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find)
reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Control\Print]
[2014/03/19 16:57:15.163152, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/lib/adt_tree.c:367(pathtree_find)
pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Control\Print]
[2014/03/19 16:57:15.163183, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/lib/adt_tree.c:440(pathtree_find)
pathtree_find: Exit
[2014/03/19 16:57:15.163212, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find)
reghook_cache_find: found ops 0x7f5ddfbb7800 for key [\HKLM\SYSTEM\CurrentControlSet\Control\Print]
[2014/03/19 16:57:15.163289, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:2074(regdb_get_secdesc)
regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM\CurrentControlSet\Control\Print]
[2014/03/19 16:57:15.163340, 7, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel)
regkey_open_onelevel: name = [Environments]
[2014/03/19 16:57:15.163374, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:846(regdb_open)
regdb_open: incrementing refcount (5->6)
[2014/03/19 16:57:15.163406, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find)
reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Control\Print\Environments]
[2014/03/19 16:57:15.163448, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/lib/adt_tree.c:367(pathtree_find)
pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Control\Print\Environments]
[2014/03/19 16:57:15.163480, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/lib/adt_tree.c:440(pathtree_find)
pathtree_find: Exit
[2014/03/19 16:57:15.163510, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find)
reghook_cache_find: found ops 0x7f5ddfbb7800 for key [\HKLM\SYSTEM\CurrentControlSet\Control\Print\Environments]
[2014/03/19 16:57:15.163554, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:2074(regdb_get_secdesc)
regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM\CurrentControlSet\Control\Print\Environments]
[2014/03/19 16:57:15.163617, 7, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel)
regkey_open_onelevel: name = [Windows X64]
[2014/03/19 16:57:15.163651, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:846(regdb_open)
regdb_open: incrementing refcount (6->7)
[2014/03/19 16:57:15.163682, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find)
reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Control\Print\Environments\Windows X64]
[2014/03/19 16:57:15.163713, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/lib/adt_tree.c:367(pathtree_find)
pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Control\Print\Environments\Windows X64]
[2014/03/19 16:57:15.163744, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/lib/adt_tree.c:440(pathtree_find)
pathtree_find: Exit
[2014/03/19 16:57:15.163784, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find)
reghook_cache_find: found ops 0x7f5ddfbb7800 for key [\HKLM\SYSTEM\CurrentControlSet\Control\Print\Environments\Windows X64]
[2014/03/19 16:57:15.163821, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:1725(regdb_fetch_keys_internal)
key [HKLM\SYSTEM\CurrentControlSet\Control\Print\Environments\Windows X64] not found
[2014/03/19 16:57:15.163853, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:883(regdb_close)
regdb_close: decrementing refcount (7->6)
[2014/03/19 16:57:15.163884, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:883(regdb_close)
regdb_close: decrementing refcount (6->5)
[2014/03/19 16:57:15.163914, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:883(regdb_close)
regdb_close: decrementing refcount (5->4)
[2014/03/19 16:57:15.163956, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:883(regdb_close)
regdb_close: decrementing refcount (4->3)
[2014/03/19 16:57:15.163986, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:883(regdb_close)
regdb_close: decrementing refcount (3->2)
[2014/03/19 16:57:15.164039, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:883(regdb_close)
regdb_close: decrementing refcount (2->1)
[2014/03/19 16:57:15.164091, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug)
winreg_OpenKey: struct winreg_OpenKey
out: struct winreg_OpenKey
handle : *
handle: struct policy_handle
handle_type : 0x00000000 (0)
uuid : 00000000-0000-0000-0000-000000000000
result : WERR_BADFILE
[2014/03/19 16:57:15.164205, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug)
winreg_CloseKey: struct winreg_CloseKey
in: struct winreg_CloseKey
handle : *
handle: struct policy_handle
handle_type : 0x00000000 (0)
uuid : 0000001a-0000-0000-2953-5bbe88600000
[2014/03/19 16:57:15.164322, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal)
Found policy hnd[0] [0000] 00 00 00 00 1A 00 00 00 00 00 00 00 29 53 5B BE ........ ....)S[.
[0010] 88 60 00 00 .`..
[2014/03/19 16:57:15.164382, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal)
Found policy hnd[0] [0000] 00 00 00 00 1A 00 00 00 00 00 00 00 29 53 5B BE ........ ....)S[.
[0010] 88 60 00 00 .`..
[2014/03/19 16:57:15.164445, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:388(close_policy_hnd)
Closed policy
[2014/03/19 16:57:15.164476, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:883(regdb_close)
regdb_close: decrementing refcount (1->0)
[2014/03/19 16:57:15.164514, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug)
winreg_CloseKey: struct winreg_CloseKey
out: struct winreg_CloseKey
handle : *
handle: struct policy_handle
handle_type : 0x00000000 (0)
uuid : 00000000-0000-0000-0000-000000000000
result : WERR_OK
[2014/03/19 16:57:15.164634, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/rpc_client/cli_winreg_spoolss.c:3897(winreg_get_driver_list)
winreg_get_driver_list: Could not open key (Windows X64,3): WERR_BADFILE
[2014/03/19 16:57:15.164669, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/spoolss/srv_spoolss_nt.c:7548(enumprinterdrivers_level_by_architecture)
we have:[0] drivers in environment [Windows X64] and version [3]
[2014/03/19 16:57:15.164700, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:418(close_policy_by_pipe)
Deleted handle list for RPC connection winreg
[2014/03/19 16:57:15.164756, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug)
spoolss_EnumPrinterDrivers: struct spoolss_EnumPrinterDrivers
out: struct spoolss_EnumPrinterDrivers
count : *
count : 0x00000000 (0)
info : *
info : NULL
needed : *
needed : 0x00000000 (0)
result : WERR_OK
[2014/03/19 16:57:15.164892, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1384(api_rpcTNP)
api_rpcTNP: called spoolss successfully
[2014/03/19 16:57:15.164904, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/sec_ctx.c:424(pop_sec_ctx)
pop_sec_ctx (100000500, 100000513) - sec_ctx_stack_ndx = 0
[2014/03/19 16:57:15.164949, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:402(ndr_print_debug)
&r: struct ncacn_packet
rpc_vers : 0x05 (5)
rpc_vers_minor : 0x00 (0)
ptype : DCERPC_PKT_RESPONSE (2)
pfc_flags : 0x03 (3)
1: DCERPC_PFC_FLAG_FIRST
1: DCERPC_PFC_FLAG_LAST
0: DCERPC_PFC_FLAG_PENDING_CANCEL_OR_HDR_SIGNING
0: DCERPC_PFC_FLAG_CONC_MPX
0: DCERPC_PFC_FLAG_DID_NOT_EXECUTE
0: DCERPC_PFC_FLAG_MAYBE
0: DCERPC_PFC_FLAG_OBJECT_UUID
drep: ARRAY(4)
[0] : 0x10 (16)
[1] : 0x00 (0)
[2] : 0x00 (0)
[3] : 0x00 (0)
frag_length : 0x042c (1068)
auth_length : 0x0000 (0)
call_id : 0x00000002 (2)
u : union dcerpc_payload(case 2)
response: struct dcerpc_response
alloc_hint : 0x00000414 (1044)
context_id : 0x0000 (0)
cancel_count : 0x00 (0)
_pad : DATA_BLOB length=0
stub_and_verifier : DATA_BLOB length=1044
[0000] 0C 00 02 00 00 04 00 00 00 00 00 00 00 00 00 00 ........ ........
[0010] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0020] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0030] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0040] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0050] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0060] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0070] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0080] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0090] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[00A0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[00B0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[00C0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[00D0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[00E0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[00F0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0100] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0110] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0120] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0130] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0140] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0150] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0160] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0170] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0180] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0190] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[01A0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[01B0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[01C0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[01D0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[01E0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[01F0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0200] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0210] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0220] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0230] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0240] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0250] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0260] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0270] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0280] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0290] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[02A0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[02B0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[02C0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[02D0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[02E0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[02F0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0300] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0310] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0320] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0330] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0340] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0350] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0360] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0370] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0380] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0390] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[03A0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[03B0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[03C0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[03D0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[03E0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[03F0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0400] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0410] 00 00 00 00 ....
[2014/03/19 16:57:15.166714, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/rpc_server/rpc_server.c:509(named_pipe_packet_process)
Sending 1 fragments in a total of 1044 bytes
[2014/03/19 16:57:15.166744, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/rpc_server/rpc_server.c:514(named_pipe_packet_process)
Sending PDU number: 0, PDU Length: 1068
[2014/03/19 16:57:15.166810, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1459(smbd_smb2_request_pending_timer)
smbd_smb2_request_pending_queue: opcode[SMB2_OP_IOCTL] mid 50 going async
[2014/03/19 16:57:15.166857, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:893(smb2_set_operation_credit)
smb2_set_operation_credit: requested 1, charge 1, granted 1, current possible/max 482/512, total granted/max/low/range 31/8192/51/31
[2014/03/19 16:57:15.166886, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1554(smbd_smb2_request_pending_timer)
state->vector[0/5].iov_len = 4
state->vector[1/5].iov_len = 0
state->vector[2/5].iov_len = 64
state->vector[3/5].iov_len = 8
state->vector[4/5].iov_len = 1
[2014/03/19 16:57:15.167151, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe_hnd.c:417(np_read_recv)
Received 1024 bytes. There is more data outstanding
[2014/03/19 16:57:15.167186, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl_named_pipe.c:169(smbd_smb2_ioctl_pipe_read_done)
smbd_smb2_ioctl_pipe_read_done: np_read_recv nread = 1024 is_data_outstanding = 1, status = NT_STATUS_OK
[2014/03/19 16:57:15.167221, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl.c:291(smbd_smb2_request_ioctl_done)
smbd_smb2_request_ioctl_done: smbd_smb2_ioctl_recv returned 1024 status STATUS_BUFFER_OVERFLOW
[2014/03/19 16:57:15.167250, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:2548(smbd_smb2_request_done_ex)
smbd_smb2_request_done_ex: idx[1] status[STATUS_BUFFER_OVERFLOW] body[48] dyn[yes:1024] at ../source3/smbd/smb2_ioctl.c:358
[2014/03/19 16:57:15.167295, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:893(smb2_set_operation_credit)
smb2_set_operation_credit: requested 1, charge 1, granted 0, current possible/max 481/512, total granted/max/low/range 31/8192/51/31
[2014/03/19 16:57:15.167525, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:3312(smbd_smb2_io_handler)
smbd_smb2_request idx[1] of 5 vectors
[2014/03/19 16:57:15.167562, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:640(smb2_validate_sequence_number)
smb2_validate_sequence_number: clearing id 51 (position 51) from bitmap
[2014/03/19 16:57:15.167605, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1923(smbd_smb2_request_dispatch)
smbd_smb2_request_dispatch: opcode[SMB2_OP_READ] mid = 51
[2014/03/19 16:57:15.167637, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/uid.c:384(change_to_user)
Skipping user change - already user
[2014/03/19 16:57:15.167669, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1825(smbd_smb2_request_verify_creditcharge)
mid 51, CreditCharge: 1, NeededCharge: 1
[2014/03/19 16:57:15.167699, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_read.c:399(smbd_smb2_read_send)
smbd_smb2_read: spoolss - fnum 2462140621
smbd_smb2_request_pending_queue: req->current_idx = 1
req->in.vector[0].iov_len = 0
req->in.vector[1].iov_len = 0
req->in.vector[2].iov_len = 64
req->in.vector[3].iov_len = 48
req->in.vector[4].iov_len = 1
req->out.vector[0].iov_len = 4
req->out.vector[1].iov_len = 0
req->out.vector[2].iov_len = 64
req->out.vector[3].iov_len = 8
req->out.vector[4].iov_len = 0
[2014/03/19 16:57:15.167870, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe_hnd.c:417(np_read_recv)
Received 44 bytes. There is no more data outstanding
[2014/03/19 16:57:15.167903, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:2548(smbd_smb2_request_done_ex)
smbd_smb2_request_done_ex: idx[1] status[NT_STATUS_OK] body[16] dyn[yes:44] at ../source3/smbd/smb2_read.c:154
[2014/03/19 16:57:15.167944, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:893(smb2_set_operation_credit)
smb2_set_operation_credit: requested 1, charge 1, granted 1, current possible/max 482/512, total granted/max/low/range 31/8192/52/31
[2014/03/19 16:57:15.168388, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:3312(smbd_smb2_io_handler)
smbd_smb2_request idx[1] of 5 vectors
[2014/03/19 16:57:15.168426, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:640(smb2_validate_sequence_number)
smb2_validate_sequence_number: clearing id 52 (position 52) from bitmap
[2014/03/19 16:57:15.168456, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1923(smbd_smb2_request_dispatch)
smbd_smb2_request_dispatch: opcode[SMB2_OP_CLOSE] mid = 52
[2014/03/19 16:57:15.168500, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/uid.c:384(change_to_user)
Skipping user change - already user
[2014/03/19 16:57:15.168530, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_close.c:185(smbd_smb2_close)
smbd_smb2_close: spoolss - fnum 2462140621
[2014/03/19 16:57:15.168583, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap.c:178(dbwrap_check_lock_order)
check lock order 1 for /var/lib/samba/smbXsrv_open_global.tdb
[2014/03/19 16:57:15.168611, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order)
lock order: 1:/var/lib/samba/smbXsrv_open_global.tdb 2:<none> 3:<none>
[2014/03/19 16:57:15.168644, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key)
Locking key ED279C7C
[2014/03/19 16:57:15.168675, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap_tdb.c:143(db_tdb_fetch_locked_internal)
Allocated locked data 0x0x7f5de586c620
[2014/03/19 16:57:15.168717, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key)
Unlocking key ED279C7C
[2014/03/19 16:57:15.168747, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap.c:146(dbwrap_lock_order_state_destructor)
release lock order 1 for /var/lib/samba/smbXsrv_open_global.tdb
[2014/03/19 16:57:15.168773, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order)
lock order: 1:<none> 2:<none> 3:<none>
[2014/03/19 16:57:15.168809, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:418(close_policy_by_pipe)
Deleted handle list for RPC connection spoolss
[2014/03/19 16:57:15.168875, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/files.c:524(file_free)
freed files structure 2462140621 (0 used)
[2014/03/19 16:57:15.168907, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:2548(smbd_smb2_request_done_ex)
smbd_smb2_request_done_ex: idx[1] status[NT_STATUS_OK] body[60] dyn[no:0] at ../source3/smbd/smb2_close.c:139
[2014/03/19 16:57:15.168936, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:893(smb2_set_operation_credit)
smb2_set_operation_credit: requested 1, charge 1, granted 1, current possible/max 482/512, total granted/max/low/range 31/8192/53/31
[2014/03/19 16:57:15.170215, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:3312(smbd_smb2_io_handler)
smbd_smb2_request idx[1] of 5 vectors
[2014/03/19 16:57:15.170261, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:640(smb2_validate_sequence_number)
smb2_validate_sequence_number: clearing id 53 (position 53) from bitmap
[2014/03/19 16:57:15.170305, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1923(smbd_smb2_request_dispatch)
smbd_smb2_request_dispatch: opcode[SMB2_OP_CREATE] mid = 53
[2014/03/19 16:57:15.170334, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/uid.c:384(change_to_user)
Skipping user change - already user
[2014/03/19 16:57:15.170365, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_create.c:447(smbd_smb2_create_send)
smbd_smb2_create: name[spoolss]
[2014/03/19 16:57:15.170401, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap.c:178(dbwrap_check_lock_order)
check lock order 1 for /var/lib/samba/smbXsrv_open_global.tdb
[2014/03/19 16:57:15.170452, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order)
lock order: 1:/var/lib/samba/smbXsrv_open_global.tdb 2:<none> 3:<none>
[2014/03/19 16:57:15.170481, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key)
Locking key B58C28E8
[2014/03/19 16:57:15.170510, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap_tdb.c:143(db_tdb_fetch_locked_internal)
Allocated locked data 0x0x7f5de586c220
[2014/03/19 16:57:15.170552, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smbXsrv_open.c:698(smbXsrv_open_global_store)
smbXsrv_open_global_store: key 'B58C28E8' stored
[2014/03/19 16:57:15.170594, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:402(ndr_print_debug)
&global_blob: struct smbXsrv_open_globalB
version : SMBXSRV_VERSION_0 (0)
seqnum : 0x00000001 (1)
info : union smbXsrv_open_globalU(case 0)
info0 : *
info0: struct smbXsrv_open_global0
db_rec : *
server_id: struct server_id
pid : 0x0000000000006088 (24712)
task_id : 0x00000000 (0)
vnn : 0xffffffff (4294967295)
unique_id : 0xbaf687627b33e8dd (-4974639881340589859)
open_global_id : 0xb58c28e8 (3045861608)
open_persistent_id : 0x00000000b58c28e8 (3045861608)
open_volatile_id : 0x00000000a707a08c (2802294924)
open_owner : S-1-5-21-2999458101-3634337955-1355572417-500
open_time : Wed Mar 19 04:57:15 PM 2014 CET
create_guid : 00000000-0000-0000-0000-000000000000
client_guid : fb516d75-adcf-11e3-a4ab-0800274a4c7e
app_instance_id : 00000000-0000-0000-0000-000000000000
disconnect_time : NTTIME(0)
durable_timeout_msec : 0x00000000 (0)
durable : 0x00 (0)
backend_cookie : DATA_BLOB length=0
[2014/03/19 16:57:15.170936, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key)
Unlocking key B58C28E8
[2014/03/19 16:57:15.170967, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap.c:146(dbwrap_lock_order_state_destructor)
release lock order 1 for /var/lib/samba/smbXsrv_open_global.tdb
[2014/03/19 16:57:15.171033, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order)
lock order: 1:<none> 2:<none> 3:<none>
[2014/03/19 16:57:15.171090, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smbXsrv_open.c:871(smbXsrv_open_create)
smbXsrv_open_create: global_id (0xb58c28e8) stored
[2014/03/19 16:57:15.171117, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:402(ndr_print_debug)
&open_blob: struct smbXsrv_openB
version : SMBXSRV_VERSION_0 (0)
reserved : 0x00000000 (0)
info : union smbXsrv_openU(case 0)
info0 : *
info0: struct smbXsrv_open
table : *
db_rec : NULL
local_id : 0xa707a08c (2802294924)
global : *
global: struct smbXsrv_open_global0
db_rec : NULL
server_id: struct server_id
pid : 0x0000000000006088 (24712)
task_id : 0x00000000 (0)
vnn : 0xffffffff (4294967295)
unique_id : 0xbaf687627b33e8dd (-4974639881340589859)
open_global_id : 0xb58c28e8 (3045861608)
open_persistent_id : 0x00000000b58c28e8 (3045861608)
open_volatile_id : 0x00000000a707a08c (2802294924)
open_owner : S-1-5-21-2999458101-3634337955-1355572417-500
open_time : Wed Mar 19 04:57:15 PM 2014 CET
create_guid : 00000000-0000-0000-0000-000000000000
client_guid : fb516d75-adcf-11e3-a4ab-0800274a4c7e
app_instance_id : 00000000-0000-0000-0000-000000000000
disconnect_time : NTTIME(0)
durable_timeout_msec : 0x00000000 (0)
durable : 0x00 (0)
backend_cookie : DATA_BLOB length=0
status : NT_STATUS_OK
idle_time : Wed Mar 19 04:57:15 PM 2014 CET
compat : NULL
[2014/03/19 16:57:15.171494, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/files.c:125(file_new)
allocated file structure fnum 2802294924 (1 used)
[2014/03/19 16:57:15.171544, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/files.c:752(file_name_hash)
file_name_hash: /tmp/spoolss hash 0x7d4e46e5
[2014/03/19 16:57:15.171582, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_ncacn_np.c:89(make_internal_rpc_pipe_socketpair)
Create of internal pipe spoolss requested
[2014/03/19 16:57:15.171653, 8, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/dosmode.c:698(dos_mode)
dos_mode: spoolss
[2014/03/19 16:57:15.171700, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_create.c:1090(smbd_smb2_create_send)
smbd_smb2_create_send: spoolss - fnum 2802294924
[2014/03/19 16:57:15.171735, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:2548(smbd_smb2_request_done_ex)
smbd_smb2_request_done_ex: idx[1] status[NT_STATUS_OK] body[88] dyn[yes:0] at ../source3/smbd/smb2_create.c:364
[2014/03/19 16:57:15.171767, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:893(smb2_set_operation_credit)
smb2_set_operation_credit: requested 1, charge 1, granted 1, current possible/max 482/512, total granted/max/low/range 31/8192/54/31
[2014/03/19 16:57:15.172214, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:3312(smbd_smb2_io_handler)
smbd_smb2_request idx[1] of 5 vectors
[2014/03/19 16:57:15.172251, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:640(smb2_validate_sequence_number)
smb2_validate_sequence_number: clearing id 54 (position 54) from bitmap
[2014/03/19 16:57:15.172282, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1923(smbd_smb2_request_dispatch)
smbd_smb2_request_dispatch: opcode[SMB2_OP_WRITE] mid = 54
[2014/03/19 16:57:15.172313, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/uid.c:384(change_to_user)
Skipping user change - already user
[2014/03/19 16:57:15.172370, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1825(smbd_smb2_request_verify_creditcharge)
mid 54, CreditCharge: 1, NeededCharge: 1
[2014/03/19 16:57:15.172401, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_write.c:271(smbd_smb2_write_send)
smbd_smb2_write: spoolss - fnum 2802294924
[2014/03/19 16:57:15.172443, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe_hnd.c:172(np_write_send)
np_write_send: len: 160
smbd_smb2_request_pending_queue: req->current_idx = 1
req->in.vector[0].iov_len = 0
req->in.vector[1].iov_len = 0
req->in.vector[2].iov_len = 64
req->in.vector[3].iov_len = 48
req->in.vector[4].iov_len = 160
req->out.vector[0].iov_len = 4
req->out.vector[1].iov_len = 0
req->out.vector[2].iov_len = 64
req->out.vector[3].iov_len = 8
req->out.vector[4].iov_len = 0
[2014/03/19 16:57:15.172603, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:2548(smbd_smb2_request_done_ex)
smbd_smb2_request_done_ex: idx[1] status[NT_STATUS_OK] body[16] dyn[yes:0] at ../source3/smbd/smb2_write.c:150
[2014/03/19 16:57:15.172640, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:893(smb2_set_operation_credit)
smb2_set_operation_credit: requested 1, charge 1, granted 1, current possible/max 482/512, total granted/max/low/range 31/8192/55/31
[2014/03/19 16:57:15.172800, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/rpc_server/rpc_server.c:441(named_pipe_packet_process)
PDU is in Little Endian format!
[2014/03/19 16:57:15.172845, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1564(process_complete_pdu)
Processing packet type 11
[2014/03/19 16:57:15.172875, 3, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:598(api_pipe_bind_req)
api_pipe_bind_req: spoolss -> spoolss rpc service
[2014/03/19 16:57:15.172983, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:631(api_pipe_bind_req)
api_pipe_bind_req: make response. 631
[2014/03/19 16:57:15.173036, 3, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:343(check_bind_req)
check_bind_req for spoolss
[2014/03/19 16:57:15.173074, 3, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:350(check_bind_req)
check_bind_req: spoolss -> spoolss rpc service
[2014/03/19 16:57:15.173104, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:223(init_pipe_handles)
init_pipe_handle_list: created handle list for pipe spoolss
[2014/03/19 16:57:15.173134, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:240(init_pipe_handles)
init_pipe_handle_list: pipe_handles ref count = 1 for pipe spoolss
[2014/03/19 16:57:15.173171, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:402(ndr_print_debug)
&r: struct ncacn_packet
rpc_vers : 0x05 (5)
rpc_vers_minor : 0x00 (0)
ptype : DCERPC_PKT_BIND_ACK (12)
pfc_flags : 0x03 (3)
1: DCERPC_PFC_FLAG_FIRST
1: DCERPC_PFC_FLAG_LAST
0: DCERPC_PFC_FLAG_PENDING_CANCEL_OR_HDR_SIGNING
0: DCERPC_PFC_FLAG_CONC_MPX
0: DCERPC_PFC_FLAG_DID_NOT_EXECUTE
0: DCERPC_PFC_FLAG_MAYBE
0: DCERPC_PFC_FLAG_OBJECT_UUID
drep: ARRAY(4)
[0] : 0x10 (16)
[1] : 0x00 (0)
[2] : 0x00 (0)
[3] : 0x00 (0)
frag_length : 0x0044 (68)
auth_length : 0x0000 (0)
call_id : 0x00000002 (2)
u : union dcerpc_payload(case 12)
bind_ack: struct dcerpc_bind_ack
max_xmit_frag : 0x10b8 (4280)
max_recv_frag : 0x10b8 (4280)
assoc_group_id : 0x000053f0 (21488)
secondary_address_size : 0x000e (14)
secondary_address : '\PIPE\spoolss'
_pad1 : DATA_BLOB length=0
num_results : 0x01 (1)
ctx_list: ARRAY(1)
ctx_list: struct dcerpc_ack_ctx
result : DCERPC_BIND_ACK_RESULT_ACCEPTANCE (0)
reason : union dcerpc_bind_ack_reason(case 0)
value : DCERPC_BIND_ACK_REASON_NOT_SPECIFIED (0)
syntax: struct ndr_syntax_id
uuid : 8a885d04-1ceb-11c9-9fe8-08002b104860
if_version : 0x00000002 (2)
auth_info : DATA_BLOB length=0
[2014/03/19 16:57:15.173624, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/rpc_server/rpc_server.c:509(named_pipe_packet_process)
Sending 1 fragments in a total of 0 bytes
[2014/03/19 16:57:15.173654, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/rpc_server/rpc_server.c:514(named_pipe_packet_process)
Sending PDU number: 0, PDU Length: 68
[2014/03/19 16:57:15.173717, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:3312(smbd_smb2_io_handler)
smbd_smb2_request idx[1] of 5 vectors
[2014/03/19 16:57:15.173762, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:640(smb2_validate_sequence_number)
smb2_validate_sequence_number: clearing id 55 (position 55) from bitmap
[2014/03/19 16:57:15.173804, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1923(smbd_smb2_request_dispatch)
smbd_smb2_request_dispatch: opcode[SMB2_OP_READ] mid = 55
[2014/03/19 16:57:15.173836, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/uid.c:384(change_to_user)
Skipping user change - already user
[2014/03/19 16:57:15.173867, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1825(smbd_smb2_request_verify_creditcharge)
mid 55, CreditCharge: 1, NeededCharge: 1
[2014/03/19 16:57:15.173897, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_read.c:399(smbd_smb2_read_send)
smbd_smb2_read: spoolss - fnum 2802294924
smbd_smb2_request_pending_queue: req->current_idx = 1
req->in.vector[0].iov_len = 0
req->in.vector[1].iov_len = 0
req->in.vector[2].iov_len = 64
req->in.vector[3].iov_len = 48
req->in.vector[4].iov_len = 1
req->out.vector[0].iov_len = 4
req->out.vector[1].iov_len = 0
req->out.vector[2].iov_len = 64
req->out.vector[3].iov_len = 8
req->out.vector[4].iov_len = 0
[2014/03/19 16:57:15.174111, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe_hnd.c:417(np_read_recv)
Received 68 bytes. There is no more data outstanding
[2014/03/19 16:57:15.174152, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:2548(smbd_smb2_request_done_ex)
smbd_smb2_request_done_ex: idx[1] status[NT_STATUS_OK] body[16] dyn[yes:68] at ../source3/smbd/smb2_read.c:154
[2014/03/19 16:57:15.174197, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:893(smb2_set_operation_credit)
smb2_set_operation_credit: requested 1, charge 1, granted 1, current possible/max 482/512, total granted/max/low/range 31/8192/56/31
[2014/03/19 16:57:15.174732, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:3312(smbd_smb2_io_handler)
smbd_smb2_request idx[1] of 5 vectors
[2014/03/19 16:57:15.174769, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:640(smb2_validate_sequence_number)
smb2_validate_sequence_number: clearing id 56 (position 56) from bitmap
[2014/03/19 16:57:15.174809, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1923(smbd_smb2_request_dispatch)
smbd_smb2_request_dispatch: opcode[SMB2_OP_IOCTL] mid = 56
[2014/03/19 16:57:15.174841, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/uid.c:384(change_to_user)
Skipping user change - already user
[2014/03/19 16:57:15.174872, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1825(smbd_smb2_request_verify_creditcharge)
mid 56, CreditCharge: 1, NeededCharge: 1
[2014/03/19 16:57:15.174908, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl.c:394(smbd_smb2_ioctl_send)
smbd_smb2_ioctl: ctl_code[0x0011c017] spoolss, fnum 2802294924
[2014/03/19 16:57:15.174940, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl_named_pipe.c:61(smb2_ioctl_named_pipe)
smbd_smb2_ioctl_send: np_write_send of size 1140
[2014/03/19 16:57:15.174969, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe_hnd.c:172(np_write_send)
np_write_send: len: 1140
smbd_smb2_request_pending_queue: req->current_idx = 1
req->in.vector[0].iov_len = 0
req->in.vector[1].iov_len = 0
req->in.vector[2].iov_len = 64
req->in.vector[3].iov_len = 56
req->in.vector[4].iov_len = 1140
req->out.vector[0].iov_len = 4
req->out.vector[1].iov_len = 0
req->out.vector[2].iov_len = 64
req->out.vector[3].iov_len = 8
req->out.vector[4].iov_len = 0
[2014/03/19 16:57:15.175172, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl_named_pipe.c:119(smbd_smb2_ioctl_pipe_write_done)
smbd_smb2_ioctl_pipe_write_done: received 1140
[2014/03/19 16:57:15.175205, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl_named_pipe.c:140(smbd_smb2_ioctl_pipe_write_done)
smbd_smb2_ioctl_pipe_write_done: issuing np_read_send of size 1024
[2014/03/19 16:57:15.175278, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/rpc_server/rpc_server.c:441(named_pipe_packet_process)
PDU is in Little Endian format!
[2014/03/19 16:57:15.175312, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1564(process_complete_pdu)
Processing packet type 0
[2014/03/19 16:57:15.175341, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1439(dcesrv_auth_request)
Checking request auth.
[2014/03/19 16:57:15.175374, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/sec_ctx.c:216(push_sec_ctx)
push_sec_ctx(100000500, 100000513) : sec_ctx_stack_ndx = 1
[2014/03/19 16:57:15.175405, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/sec_ctx.c:316(set_sec_ctx)
setting sec ctx (100000500, 100000513) - sec_ctx_stack_ndx = 1
[2014/03/19 16:57:15.175445, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../libcli/security/security_token.c:63(security_token_debug)
Security token SIDs (21):
SID[ 0]: S-1-5-21-2999458101-3634337955-1355572417-500
SID[ 1]: S-1-5-21-2999458101-3634337955-1355572417-513
SID[ 2]: S-1-5-21-2999458101-3634337955-1355572417-520
SID[ 3]: S-1-5-21-2999458101-3634337955-1355572417-512
SID[ 4]: S-1-18-1
SID[ 5]: S-1-1-0
SID[ 6]: S-1-5-2
SID[ 7]: S-1-5-11
SID[ 8]: S-1-5-32-545
SID[ 9]: S-1-5-32-544
SID[ 10]: S-1-22-1-100000500
SID[ 11]: S-1-22-2-100000500
SID[ 12]: S-1-22-2-100000513
SID[ 13]: S-1-22-2-100000520
SID[ 14]: S-1-22-2-100000512
SID[ 15]: S-1-22-2-1000008
SID[ 16]: S-1-22-2-1000002
SID[ 17]: S-1-22-2-1000003
SID[ 18]: S-1-22-2-1000009
SID[ 19]: S-1-22-2-1000001
SID[ 20]: S-1-22-2-1000000
Privileges (0x 1FFFFFF0):
Privilege[ 0]: SeMachineAccountPrivilege
Privilege[ 1]: SeTakeOwnershipPrivilege
Privilege[ 2]: SeBackupPrivilege
Privilege[ 3]: SeRestorePrivilege
Privilege[ 4]: SeRemoteShutdownPrivilege
Privilege[ 5]: SePrintOperatorPrivilege
Privilege[ 6]: SeAddUsersPrivilege
Privilege[ 7]: SeDiskOperatorPrivilege
Privilege[ 8]: SeSecurityPrivilege
Privilege[ 9]: SeSystemtimePrivilege
Privilege[ 10]: SeShutdownPrivilege
Privilege[ 11]: SeDebugPrivilege
Privilege[ 12]: SeSystemEnvironmentPrivilege
Privilege[ 13]: SeSystemProfilePrivilege
Privilege[ 14]: SeProfileSingleProcessPrivilege
Privilege[ 15]: SeIncreaseBasePriorityPrivilege
Privilege[ 16]: SeLoadDriverPrivilege
Privilege[ 17]: SeCreatePagefilePrivilege
Privilege[ 18]: SeIncreaseQuotaPrivilege
Privilege[ 19]: SeChangeNotifyPrivilege
Privilege[ 20]: SeUndockPrivilege
Privilege[ 21]: SeManageVolumePrivilege
Privilege[ 22]: SeImpersonatePrivilege
Privilege[ 23]: SeCreateGlobalPrivilege
Privilege[ 24]: SeEnableDelegationPrivilege
Rights (0x 0):
[2014/03/19 16:57:15.175967, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/auth/token_util.c:528(debug_unix_user_token)
UNIX token of user 100000500
Primary group is 100000513 and contains 10 supplementary groups
Group[ 0]: 100000500
Group[ 1]: 100000513
Group[ 2]: 100000520
Group[ 3]: 100000512
Group[ 4]: 1000008
Group[ 5]: 1000002
Group[ 6]: 1000003
Group[ 7]: 1000009
Group[ 8]: 1000001
Group[ 9]: 1000000
[2014/03/19 16:57:15.176088, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/uid.c:452(smbd_become_authenticated_pipe_user)
Impersonated user: uid=(100000500,100000500), gid=(0,100000513)
[2014/03/19 16:57:15.176121, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1292(api_pipe_request)
Requested spoolss rpc service
[2014/03/19 16:57:15.176163, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1317(api_rpcTNP)
api_rpcTNP: spoolss op 0xa - api_rpcTNP: rpc command: SPOOLSS_ENUMPRINTERDRIVERS
[2014/03/19 16:57:15.176194, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1357(api_rpcTNP)
api_rpc_cmds[10].fn == 0x7f5de302e0fe
[2014/03/19 16:57:15.176227, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug)
spoolss_EnumPrinterDrivers: struct spoolss_EnumPrinterDrivers
in: struct spoolss_EnumPrinterDrivers
server : *
server : '\\samba'
environment : *
environment : 'Windows IA64'
level : 0x00000001 (1)
buffer : *
buffer : DATA_BLOB length=1024
[0000] 43 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 C....... ........
[0010] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0020] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0030] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0040] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0050] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0060] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0070] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0080] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0090] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[00A0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[00B0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[00C0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[00D0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[00E0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[00F0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0100] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0110] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0120] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0130] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0140] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0150] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0160] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0170] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0180] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0190] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[01A0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[01B0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[01C0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[01D0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[01E0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[01F0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0200] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0210] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0220] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0230] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0240] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0250] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0260] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0270] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0280] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0290] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[02A0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[02B0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[02C0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[02D0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[02E0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[02F0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0300] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0310] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0320] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0330] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0340] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0350] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0360] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0370] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0380] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0390] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[03A0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[03B0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[03C0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[03D0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[03E0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[03F0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
offered : 0x00000400 (1024)
[2014/03/19 16:57:15.177752, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/spoolss/srv_spoolss_nt.c:7697(_spoolss_EnumPrinterDrivers)
_spoolss_EnumPrinterDrivers
[2014/03/19 16:57:15.177811, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_ncacn_np.c:204(make_internal_rpc_pipe_p)
Create pipe requested winreg
[2014/03/19 16:57:15.177862, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:223(init_pipe_handles)
init_pipe_handle_list: created handle list for pipe winreg
[2014/03/19 16:57:15.177932, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:240(init_pipe_handles)
init_pipe_handle_list: pipe_handles ref count = 1 for pipe winreg
[2014/03/19 16:57:15.178107, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_ncacn_np.c:244(make_internal_rpc_pipe_p)
Created internal pipe winreg
[2014/03/19 16:57:15.178175, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug)
winreg_OpenHKLM: struct winreg_OpenHKLM
in: struct winreg_OpenHKLM
system_name : NULL
access_mask : 0x02000000 (33554432)
0: KEY_QUERY_VALUE
0: KEY_SET_VALUE
0: KEY_CREATE_SUB_KEY
0: KEY_ENUMERATE_SUB_KEYS
0: KEY_NOTIFY
0: KEY_CREATE_LINK
0: KEY_WOW64_64KEY
0: KEY_WOW64_32KEY
[2014/03/19 16:57:15.178433, 7, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel)
regkey_open_onelevel: name = [HKLM]
[2014/03/19 16:57:15.178480, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/sec_ctx.c:216(push_sec_ctx)
push_sec_ctx(100000500, 100000513) : sec_ctx_stack_ndx = 2
[2014/03/19 16:57:15.178545, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/uid.c:491(push_conn_ctx)
push_conn_ctx(4269076555) : conn_ctx_stack_ndx = 0
[2014/03/19 16:57:15.178579, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/sec_ctx.c:316(set_sec_ctx)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2
[2014/03/19 16:57:15.178646, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../libcli/security/security_token.c:53(security_token_debug)
Security token: (NULL)
[2014/03/19 16:57:15.178690, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/auth/token_util.c:528(debug_unix_user_token)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
[2014/03/19 16:57:15.178770, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/sec_ctx.c:424(pop_sec_ctx)
pop_sec_ctx (100000500, 100000513) - sec_ctx_stack_ndx = 1
[2014/03/19 16:57:15.178806, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:866(regdb_open)
regdb_open: registry db opened. refcount reset (1)
[2014/03/19 16:57:15.178851, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find)
reghook_cache_find: Searching for keyname [\HKLM]
[2014/03/19 16:57:15.178883, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/lib/adt_tree.c:367(pathtree_find)
pathtree_find: Enter [\HKLM]
[2014/03/19 16:57:15.178915, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/lib/adt_tree.c:440(pathtree_find)
pathtree_find: Exit
[2014/03/19 16:57:15.178944, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find)
reghook_cache_find: found ops 0x7f5ddfbb7800 for key [\HKLM]
[2014/03/19 16:57:15.179046, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:2074(regdb_get_secdesc)
regdb_get_secdesc: Getting secdesc of key [HKLM]
[2014/03/19 16:57:15.179097, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../libcli/security/access_check.c:188(se_access_check)
se_access_check: MAX desired = 0x2000000, granted = 0xf003f, remaining = 0xf003f
[2014/03/19 16:57:15.179141, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:304(create_rpc_handle_internal)
Opened policy hnd[1] [0000] 00 00 00 00 1B 00 00 00 00 00 00 00 29 53 5B BE ........ ....)S[.
[0010] 88 60 00 00 .`..
[2014/03/19 16:57:15.179208, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug)
winreg_OpenHKLM: struct winreg_OpenHKLM
out: struct winreg_OpenHKLM
handle : *
handle: struct policy_handle
handle_type : 0x00000000 (0)
uuid : 0000001b-0000-0000-2953-5bbe88600000
result : WERR_OK
[2014/03/19 16:57:15.179340, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug)
winreg_OpenKey: struct winreg_OpenKey
in: struct winreg_OpenKey
parent_handle : *
parent_handle: struct policy_handle
handle_type : 0x00000000 (0)
uuid : 0000001b-0000-0000-2953-5bbe88600000
keyname: struct winreg_String
name_len : 0x00a6 (166)
name_size : 0x00a6 (166)
name : *
name : 'SYSTEM\CurrentControlSet\Control\Print\Environments\Windows IA64\Drivers\Version-0'
options : 0x00000000 (0)
0: REG_OPTION_VOLATILE
0: REG_OPTION_CREATE_LINK
0: REG_OPTION_BACKUP_RESTORE
0: REG_OPTION_OPEN_LINK
access_mask : 0x02000000 (33554432)
0: KEY_QUERY_VALUE
0: KEY_SET_VALUE
0: KEY_CREATE_SUB_KEY
0: KEY_ENUMERATE_SUB_KEYS
0: KEY_NOTIFY
0: KEY_CREATE_LINK
0: KEY_WOW64_64KEY
0: KEY_WOW64_32KEY
[2014/03/19 16:57:15.179676, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal)
Found policy hnd[0] [0000] 00 00 00 00 1B 00 00 00 00 00 00 00 29 53 5B BE ........ ....)S[.
[0010] 88 60 00 00 .`..
[2014/03/19 16:57:15.179734, 7, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel)
regkey_open_onelevel: name = [SYSTEM]
[2014/03/19 16:57:15.179766, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:846(regdb_open)
regdb_open: incrementing refcount (1->2)
[2014/03/19 16:57:15.179812, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find)
reghook_cache_find: Searching for keyname [\HKLM\SYSTEM]
[2014/03/19 16:57:15.179843, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/lib/adt_tree.c:367(pathtree_find)
pathtree_find: Enter [\HKLM\SYSTEM]
[2014/03/19 16:57:15.179875, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/lib/adt_tree.c:440(pathtree_find)
pathtree_find: Exit
[2014/03/19 16:57:15.179905, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find)
reghook_cache_find: found ops 0x7f5ddfbb7800 for key [\HKLM\SYSTEM]
[2014/03/19 16:57:15.179960, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:2074(regdb_get_secdesc)
regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM]
[2014/03/19 16:57:15.180040, 7, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel)
regkey_open_onelevel: name = [CurrentControlSet]
[2014/03/19 16:57:15.180092, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:846(regdb_open)
regdb_open: incrementing refcount (2->3)
[2014/03/19 16:57:15.180127, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find)
reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet]
[2014/03/19 16:57:15.180157, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/lib/adt_tree.c:367(pathtree_find)
pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet]
[2014/03/19 16:57:15.180189, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/lib/adt_tree.c:440(pathtree_find)
pathtree_find: Exit
[2014/03/19 16:57:15.180219, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find)
reghook_cache_find: found ops 0x7f5ddfbb7800 for key [\HKLM\SYSTEM\CurrentControlSet]
[2014/03/19 16:57:15.180281, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:2074(regdb_get_secdesc)
regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM\CurrentControlSet]
[2014/03/19 16:57:15.180328, 7, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel)
regkey_open_onelevel: name = [Control]
[2014/03/19 16:57:15.180362, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:846(regdb_open)
regdb_open: incrementing refcount (3->4)
[2014/03/19 16:57:15.180395, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find)
reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Control]
[2014/03/19 16:57:15.180437, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/lib/adt_tree.c:367(pathtree_find)
pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Control]
[2014/03/19 16:57:15.180469, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/lib/adt_tree.c:440(pathtree_find)
pathtree_find: Exit
[2014/03/19 16:57:15.180500, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find)
reghook_cache_find: found ops 0x7f5ddfbb7800 for key [\HKLM\SYSTEM\CurrentControlSet\Control]
[2014/03/19 16:57:15.180548, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:2074(regdb_get_secdesc)
regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM\CurrentControlSet\Control]
[2014/03/19 16:57:15.180614, 7, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel)
regkey_open_onelevel: name = [Print]
[2014/03/19 16:57:15.180649, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:846(regdb_open)
regdb_open: incrementing refcount (4->5)
[2014/03/19 16:57:15.180682, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find)
reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Control\Print]
[2014/03/19 16:57:15.180719, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/lib/adt_tree.c:367(pathtree_find)
pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Control\Print]
[2014/03/19 16:57:15.180758, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/lib/adt_tree.c:440(pathtree_find)
pathtree_find: Exit
[2014/03/19 16:57:15.180790, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find)
reghook_cache_find: found ops 0x7f5ddfbb7800 for key [\HKLM\SYSTEM\CurrentControlSet\Control\Print]
[2014/03/19 16:57:15.180839, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:2074(regdb_get_secdesc)
regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM\CurrentControlSet\Control\Print]
[2014/03/19 16:57:15.180900, 7, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel)
regkey_open_onelevel: name = [Environments]
[2014/03/19 16:57:15.180935, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:846(regdb_open)
regdb_open: incrementing refcount (5->6)
[2014/03/19 16:57:15.180968, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find)
reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Control\Print\Environments]
[2014/03/19 16:57:15.181056, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/lib/adt_tree.c:367(pathtree_find)
pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Control\Print\Environments]
[2014/03/19 16:57:15.181094, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/lib/adt_tree.c:440(pathtree_find)
pathtree_find: Exit
[2014/03/19 16:57:15.181126, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find)
reghook_cache_find: found ops 0x7f5ddfbb7800 for key [\HKLM\SYSTEM\CurrentControlSet\Control\Print\Environments]
[2014/03/19 16:57:15.181172, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:2074(regdb_get_secdesc)
regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM\CurrentControlSet\Control\Print\Environments]
[2014/03/19 16:57:15.181234, 7, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel)
regkey_open_onelevel: name = [Windows IA64]
[2014/03/19 16:57:15.181269, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:846(regdb_open)
regdb_open: incrementing refcount (6->7)
[2014/03/19 16:57:15.181305, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find)
reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Control\Print\Environments\Windows IA64]
[2014/03/19 16:57:15.181344, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/lib/adt_tree.c:367(pathtree_find)
pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Control\Print\Environments\Windows IA64]
[2014/03/19 16:57:15.181391, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/lib/adt_tree.c:440(pathtree_find)
pathtree_find: Exit
[2014/03/19 16:57:15.181423, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find)
reghook_cache_find: found ops 0x7f5ddfbb7800 for key [\HKLM\SYSTEM\CurrentControlSet\Control\Print\Environments\Windows IA64]
[2014/03/19 16:57:15.181462, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:1725(regdb_fetch_keys_internal)
key [HKLM\SYSTEM\CurrentControlSet\Control\Print\Environments\Windows IA64] not found
[2014/03/19 16:57:15.181501, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:883(regdb_close)
regdb_close: decrementing refcount (7->6)
[2014/03/19 16:57:15.181547, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:883(regdb_close)
regdb_close: decrementing refcount (6->5)
[2014/03/19 16:57:15.181596, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:883(regdb_close)
regdb_close: decrementing refcount (5->4)
[2014/03/19 16:57:15.181629, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:883(regdb_close)
regdb_close: decrementing refcount (4->3)
[2014/03/19 16:57:15.181660, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:883(regdb_close)
regdb_close: decrementing refcount (3->2)
[2014/03/19 16:57:15.181704, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:883(regdb_close)
regdb_close: decrementing refcount (2->1)
[2014/03/19 16:57:15.181736, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug)
winreg_OpenKey: struct winreg_OpenKey
out: struct winreg_OpenKey
handle : *
handle: struct policy_handle
handle_type : 0x00000000 (0)
uuid : 00000000-0000-0000-0000-000000000000
result : WERR_BADFILE
[2014/03/19 16:57:15.181862, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug)
winreg_CloseKey: struct winreg_CloseKey
in: struct winreg_CloseKey
handle : *
handle: struct policy_handle
handle_type : 0x00000000 (0)
uuid : 0000001b-0000-0000-2953-5bbe88600000
[2014/03/19 16:57:15.181957, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal)
Found policy hnd[0] [0000] 00 00 00 00 1B 00 00 00 00 00 00 00 29 53 5B BE ........ ....)S[.
[0010] 88 60 00 00 .`..
[2014/03/19 16:57:15.182106, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal)
Found policy hnd[0] [0000] 00 00 00 00 1B 00 00 00 00 00 00 00 29 53 5B BE ........ ....)S[.
[0010] 88 60 00 00 .`..
[2014/03/19 16:57:15.182176, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:388(close_policy_hnd)
Closed policy
[2014/03/19 16:57:15.182208, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:883(regdb_close)
regdb_close: decrementing refcount (1->0)
[2014/03/19 16:57:15.182248, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug)
winreg_CloseKey: struct winreg_CloseKey
out: struct winreg_CloseKey
handle : *
handle: struct policy_handle
handle_type : 0x00000000 (0)
uuid : 00000000-0000-0000-0000-000000000000
result : WERR_OK
[2014/03/19 16:57:15.182372, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/rpc_client/cli_winreg_spoolss.c:3897(winreg_get_driver_list)
winreg_get_driver_list: Could not open key (Windows IA64,0): WERR_BADFILE
[2014/03/19 16:57:15.182414, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/spoolss/srv_spoolss_nt.c:7548(enumprinterdrivers_level_by_architecture)
we have:[0] drivers in environment [Windows IA64] and version [0]
[2014/03/19 16:57:15.182455, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug)
winreg_OpenHKLM: struct winreg_OpenHKLM
in: struct winreg_OpenHKLM
system_name : NULL
access_mask : 0x02000000 (33554432)
0: KEY_QUERY_VALUE
0: KEY_SET_VALUE
0: KEY_CREATE_SUB_KEY
0: KEY_ENUMERATE_SUB_KEYS
0: KEY_NOTIFY
0: KEY_CREATE_LINK
0: KEY_WOW64_64KEY
0: KEY_WOW64_32KEY
[2014/03/19 16:57:15.182676, 7, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel)
regkey_open_onelevel: name = [HKLM]
[2014/03/19 16:57:15.182712, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/sec_ctx.c:216(push_sec_ctx)
push_sec_ctx(100000500, 100000513) : sec_ctx_stack_ndx = 2
[2014/03/19 16:57:15.182746, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/uid.c:491(push_conn_ctx)
push_conn_ctx(4269076555) : conn_ctx_stack_ndx = 0
[2014/03/19 16:57:15.182777, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/sec_ctx.c:316(set_sec_ctx)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2
[2014/03/19 16:57:15.182819, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../libcli/security/security_token.c:53(security_token_debug)
Security token: (NULL)
[2014/03/19 16:57:15.182850, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/auth/token_util.c:528(debug_unix_user_token)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
[2014/03/19 16:57:15.182931, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/sec_ctx.c:424(pop_sec_ctx)
pop_sec_ctx (100000500, 100000513) - sec_ctx_stack_ndx = 1
[2014/03/19 16:57:15.182980, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:866(regdb_open)
regdb_open: registry db opened. refcount reset (1)
[2014/03/19 16:57:15.183040, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find)
reghook_cache_find: Searching for keyname [\HKLM]
[2014/03/19 16:57:15.183081, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/lib/adt_tree.c:367(pathtree_find)
pathtree_find: Enter [\HKLM]
[2014/03/19 16:57:15.183114, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/lib/adt_tree.c:440(pathtree_find)
pathtree_find: Exit
[2014/03/19 16:57:15.183144, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find)
reghook_cache_find: found ops 0x7f5ddfbb7800 for key [\HKLM]
[2014/03/19 16:57:15.183194, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:2074(regdb_get_secdesc)
regdb_get_secdesc: Getting secdesc of key [HKLM]
[2014/03/19 16:57:15.183239, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../libcli/security/access_check.c:188(se_access_check)
se_access_check: MAX desired = 0x2000000, granted = 0xf003f, remaining = 0xf003f
[2014/03/19 16:57:15.183278, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:304(create_rpc_handle_internal)
Opened policy hnd[1] [0000] 00 00 00 00 1C 00 00 00 00 00 00 00 29 53 5B BE ........ ....)S[.
[0010] 88 60 00 00 .`..
[2014/03/19 16:57:15.183339, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug)
winreg_OpenHKLM: struct winreg_OpenHKLM
out: struct winreg_OpenHKLM
handle : *
handle: struct policy_handle
handle_type : 0x00000000 (0)
uuid : 0000001c-0000-0000-2953-5bbe88600000
result : WERR_OK
[2014/03/19 16:57:15.183474, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug)
winreg_OpenKey: struct winreg_OpenKey
in: struct winreg_OpenKey
parent_handle : *
parent_handle: struct policy_handle
handle_type : 0x00000000 (0)
uuid : 0000001c-0000-0000-2953-5bbe88600000
keyname: struct winreg_String
name_len : 0x00a6 (166)
name_size : 0x00a6 (166)
name : *
name : 'SYSTEM\CurrentControlSet\Control\Print\Environments\Windows IA64\Drivers\Version-1'
options : 0x00000000 (0)
0: REG_OPTION_VOLATILE
0: REG_OPTION_CREATE_LINK
0: REG_OPTION_BACKUP_RESTORE
0: REG_OPTION_OPEN_LINK
access_mask : 0x02000000 (33554432)
0: KEY_QUERY_VALUE
0: KEY_SET_VALUE
0: KEY_CREATE_SUB_KEY
0: KEY_ENUMERATE_SUB_KEYS
0: KEY_NOTIFY
0: KEY_CREATE_LINK
0: KEY_WOW64_64KEY
0: KEY_WOW64_32KEY
[2014/03/19 16:57:15.183812, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal)
Found policy hnd[0] [0000] 00 00 00 00 1C 00 00 00 00 00 00 00 29 53 5B BE ........ ....)S[.
[0010] 88 60 00 00 .`..
[2014/03/19 16:57:15.183870, 7, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel)
regkey_open_onelevel: name = [SYSTEM]
[2014/03/19 16:57:15.183914, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:846(regdb_open)
regdb_open: incrementing refcount (1->2)
[2014/03/19 16:57:15.183958, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find)
reghook_cache_find: Searching for keyname [\HKLM\SYSTEM]
[2014/03/19 16:57:15.183990, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/lib/adt_tree.c:367(pathtree_find)
pathtree_find: Enter [\HKLM\SYSTEM]
[2014/03/19 16:57:15.184050, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/lib/adt_tree.c:440(pathtree_find)
pathtree_find: Exit
[2014/03/19 16:57:15.184093, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find)
reghook_cache_find: found ops 0x7f5ddfbb7800 for key [\HKLM\SYSTEM]
[2014/03/19 16:57:15.184140, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:2074(regdb_get_secdesc)
regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM]
[2014/03/19 16:57:15.184205, 7, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel)
regkey_open_onelevel: name = [CurrentControlSet]
[2014/03/19 16:57:15.184240, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:846(regdb_open)
regdb_open: incrementing refcount (2->3)
[2014/03/19 16:57:15.184273, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find)
reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet]
[2014/03/19 16:57:15.184304, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/lib/adt_tree.c:367(pathtree_find)
pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet]
[2014/03/19 16:57:15.184348, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/lib/adt_tree.c:440(pathtree_find)
pathtree_find: Exit
[2014/03/19 16:57:15.184379, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find)
reghook_cache_find: found ops 0x7f5ddfbb7800 for key [\HKLM\SYSTEM\CurrentControlSet]
[2014/03/19 16:57:15.184426, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:2074(regdb_get_secdesc)
regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM\CurrentControlSet]
[2014/03/19 16:57:15.184472, 7, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel)
regkey_open_onelevel: name = [Control]
[2014/03/19 16:57:15.184510, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:846(regdb_open)
regdb_open: incrementing refcount (3->4)
[2014/03/19 16:57:15.184549, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find)
reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Control]
[2014/03/19 16:57:15.184581, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/lib/adt_tree.c:367(pathtree_find)
pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Control]
[2014/03/19 16:57:15.184634, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/lib/adt_tree.c:440(pathtree_find)
pathtree_find: Exit
[2014/03/19 16:57:15.184667, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find)
reghook_cache_find: found ops 0x7f5ddfbb7800 for key [\HKLM\SYSTEM\CurrentControlSet\Control]
[2014/03/19 16:57:15.184716, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:2074(regdb_get_secdesc)
regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM\CurrentControlSet\Control]
[2014/03/19 16:57:15.184762, 7, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel)
regkey_open_onelevel: name = [Print]
[2014/03/19 16:57:15.184809, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:846(regdb_open)
regdb_open: incrementing refcount (4->5)
[2014/03/19 16:57:15.184843, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find)
reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Control\Print]
[2014/03/19 16:57:15.184873, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/lib/adt_tree.c:367(pathtree_find)
pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Control\Print]
[2014/03/19 16:57:15.184905, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/lib/adt_tree.c:440(pathtree_find)
pathtree_find: Exit
[2014/03/19 16:57:15.184940, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find)
reghook_cache_find: found ops 0x7f5ddfbb7800 for key [\HKLM\SYSTEM\CurrentControlSet\Control\Print]
[2014/03/19 16:57:15.185084, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:2074(regdb_get_secdesc)
regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM\CurrentControlSet\Control\Print]
[2014/03/19 16:57:15.185159, 7, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel)
regkey_open_onelevel: name = [Environments]
[2014/03/19 16:57:15.185195, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:846(regdb_open)
regdb_open: incrementing refcount (5->6)
[2014/03/19 16:57:15.185228, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find)
reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Control\Print\Environments]
[2014/03/19 16:57:15.185259, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/lib/adt_tree.c:367(pathtree_find)
pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Control\Print\Environments]
[2014/03/19 16:57:15.185305, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/lib/adt_tree.c:440(pathtree_find)
pathtree_find: Exit
[2014/03/19 16:57:15.185336, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find)
reghook_cache_find: found ops 0x7f5ddfbb7800 for key [\HKLM\SYSTEM\CurrentControlSet\Control\Print\Environments]
[2014/03/19 16:57:15.185380, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:2074(regdb_get_secdesc)
regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM\CurrentControlSet\Control\Print\Environments]
[2014/03/19 16:57:15.185426, 7, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel)
regkey_open_onelevel: name = [Windows IA64]
[2014/03/19 16:57:15.185473, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:846(regdb_open)
regdb_open: incrementing refcount (6->7)
[2014/03/19 16:57:15.185520, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find)
reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Control\Print\Environments\Windows IA64]
[2014/03/19 16:57:15.185553, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/lib/adt_tree.c:367(pathtree_find)
pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Control\Print\Environments\Windows IA64]
[2014/03/19 16:57:15.185586, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/lib/adt_tree.c:440(pathtree_find)
pathtree_find: Exit
[2014/03/19 16:57:15.185629, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find)
reghook_cache_find: found ops 0x7f5ddfbb7800 for key [\HKLM\SYSTEM\CurrentControlSet\Control\Print\Environments\Windows IA64]
[2014/03/19 16:57:15.185668, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:1725(regdb_fetch_keys_internal)
key [HKLM\SYSTEM\CurrentControlSet\Control\Print\Environments\Windows IA64] not found
[2014/03/19 16:57:15.185701, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:883(regdb_close)
regdb_close: decrementing refcount (7->6)
[2014/03/19 16:57:15.185739, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:883(regdb_close)
regdb_close: decrementing refcount (6->5)
[2014/03/19 16:57:15.185783, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:883(regdb_close)
regdb_close: decrementing refcount (5->4)
[2014/03/19 16:57:15.185815, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:883(regdb_close)
regdb_close: decrementing refcount (4->3)
[2014/03/19 16:57:15.185846, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:883(regdb_close)
regdb_close: decrementing refcount (3->2)
[2014/03/19 16:57:15.185877, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:883(regdb_close)
regdb_close: decrementing refcount (2->1)
[2014/03/19 16:57:15.185908, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug)
winreg_OpenKey: struct winreg_OpenKey
out: struct winreg_OpenKey
handle : *
handle: struct policy_handle
handle_type : 0x00000000 (0)
uuid : 00000000-0000-0000-0000-000000000000
result : WERR_BADFILE
[2014/03/19 16:57:15.186127, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug)
winreg_CloseKey: struct winreg_CloseKey
in: struct winreg_CloseKey
handle : *
handle: struct policy_handle
handle_type : 0x00000000 (0)
uuid : 0000001c-0000-0000-2953-5bbe88600000
[2014/03/19 16:57:15.186221, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal)
Found policy hnd[0] [0000] 00 00 00 00 1C 00 00 00 00 00 00 00 29 53 5B BE ........ ....)S[.
[0010] 88 60 00 00 .`..
[2014/03/19 16:57:15.186289, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal)
Found policy hnd[0] [0000] 00 00 00 00 1C 00 00 00 00 00 00 00 29 53 5B BE ........ ....)S[.
[0010] 88 60 00 00 .`..
[2014/03/19 16:57:15.186343, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:388(close_policy_hnd)
Closed policy
[2014/03/19 16:57:15.186373, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:883(regdb_close)
regdb_close: decrementing refcount (1->0)
[2014/03/19 16:57:15.186426, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug)
winreg_CloseKey: struct winreg_CloseKey
out: struct winreg_CloseKey
handle : *
handle: struct policy_handle
handle_type : 0x00000000 (0)
uuid : 00000000-0000-0000-0000-000000000000
result : WERR_OK
[2014/03/19 16:57:15.186563, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/rpc_client/cli_winreg_spoolss.c:3897(winreg_get_driver_list)
winreg_get_driver_list: Could not open key (Windows IA64,1): WERR_BADFILE
[2014/03/19 16:57:15.186600, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/spoolss/srv_spoolss_nt.c:7548(enumprinterdrivers_level_by_architecture)
we have:[0] drivers in environment [Windows IA64] and version [1]
[2014/03/19 16:57:15.186645, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug)
winreg_OpenHKLM: struct winreg_OpenHKLM
in: struct winreg_OpenHKLM
system_name : NULL
access_mask : 0x02000000 (33554432)
0: KEY_QUERY_VALUE
0: KEY_SET_VALUE
0: KEY_CREATE_SUB_KEY
0: KEY_ENUMERATE_SUB_KEYS
0: KEY_NOTIFY
0: KEY_CREATE_LINK
0: KEY_WOW64_64KEY
0: KEY_WOW64_32KEY
[2014/03/19 16:57:15.186810, 7, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel)
regkey_open_onelevel: name = [HKLM]
[2014/03/19 16:57:15.186844, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/sec_ctx.c:216(push_sec_ctx)
push_sec_ctx(100000500, 100000513) : sec_ctx_stack_ndx = 2
[2014/03/19 16:57:15.186889, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/uid.c:491(push_conn_ctx)
push_conn_ctx(4269076555) : conn_ctx_stack_ndx = 0
[2014/03/19 16:57:15.186921, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/sec_ctx.c:316(set_sec_ctx)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2
[2014/03/19 16:57:15.186951, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../libcli/security/security_token.c:53(security_token_debug)
Security token: (NULL)
[2014/03/19 16:57:15.186981, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/auth/token_util.c:528(debug_unix_user_token)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
[2014/03/19 16:57:15.187118, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/sec_ctx.c:424(pop_sec_ctx)
pop_sec_ctx (100000500, 100000513) - sec_ctx_stack_ndx = 1
[2014/03/19 16:57:15.187154, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:866(regdb_open)
regdb_open: registry db opened. refcount reset (1)
[2014/03/19 16:57:15.187200, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find)
reghook_cache_find: Searching for keyname [\HKLM]
[2014/03/19 16:57:15.187232, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/lib/adt_tree.c:367(pathtree_find)
pathtree_find: Enter [\HKLM]
[2014/03/19 16:57:15.187263, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/lib/adt_tree.c:440(pathtree_find)
pathtree_find: Exit
[2014/03/19 16:57:15.187293, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find)
reghook_cache_find: found ops 0x7f5ddfbb7800 for key [\HKLM]
[2014/03/19 16:57:15.187354, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:2074(regdb_get_secdesc)
regdb_get_secdesc: Getting secdesc of key [HKLM]
[2014/03/19 16:57:15.187400, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../libcli/security/access_check.c:188(se_access_check)
se_access_check: MAX desired = 0x2000000, granted = 0xf003f, remaining = 0xf003f
[2014/03/19 16:57:15.187438, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:304(create_rpc_handle_internal)
Opened policy hnd[1] [0000] 00 00 00 00 1D 00 00 00 00 00 00 00 29 53 5B BE ........ ....)S[.
[0010] 88 60 00 00 .`..
[2014/03/19 16:57:15.187521, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug)
winreg_OpenHKLM: struct winreg_OpenHKLM
out: struct winreg_OpenHKLM
handle : *
handle: struct policy_handle
handle_type : 0x00000000 (0)
uuid : 0000001d-0000-0000-2953-5bbe88600000
result : WERR_OK
[2014/03/19 16:57:15.187643, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug)
winreg_OpenKey: struct winreg_OpenKey
in: struct winreg_OpenKey
parent_handle : *
parent_handle: struct policy_handle
handle_type : 0x00000000 (0)
uuid : 0000001d-0000-0000-2953-5bbe88600000
keyname: struct winreg_String
name_len : 0x00a6 (166)
name_size : 0x00a6 (166)
name : *
name : 'SYSTEM\CurrentControlSet\Control\Print\Environments\Windows IA64\Drivers\Version-2'
options : 0x00000000 (0)
0: REG_OPTION_VOLATILE
0: REG_OPTION_CREATE_LINK
0: REG_OPTION_BACKUP_RESTORE
0: REG_OPTION_OPEN_LINK
access_mask : 0x02000000 (33554432)
0: KEY_QUERY_VALUE
0: KEY_SET_VALUE
0: KEY_CREATE_SUB_KEY
0: KEY_ENUMERATE_SUB_KEYS
0: KEY_NOTIFY
0: KEY_CREATE_LINK
0: KEY_WOW64_64KEY
0: KEY_WOW64_32KEY
[2014/03/19 16:57:15.187978, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal)
Found policy hnd[0] [0000] 00 00 00 00 1D 00 00 00 00 00 00 00 29 53 5B BE ........ ....)S[.
[0010] 88 60 00 00 .`..
[2014/03/19 16:57:15.188040, 7, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel)
regkey_open_onelevel: name = [SYSTEM]
[2014/03/19 16:57:15.188081, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:846(regdb_open)
regdb_open: incrementing refcount (1->2)
[2014/03/19 16:57:15.188128, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find)
reghook_cache_find: Searching for keyname [\HKLM\SYSTEM]
[2014/03/19 16:57:15.188159, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/lib/adt_tree.c:367(pathtree_find)
pathtree_find: Enter [\HKLM\SYSTEM]
[2014/03/19 16:57:15.188191, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/lib/adt_tree.c:440(pathtree_find)
pathtree_find: Exit
[2014/03/19 16:57:15.188221, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find)
reghook_cache_find: found ops 0x7f5ddfbb7800 for key [\HKLM\SYSTEM]
[2014/03/19 16:57:15.188276, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:2074(regdb_get_secdesc)
regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM]
[2014/03/19 16:57:15.188324, 7, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel)
regkey_open_onelevel: name = [CurrentControlSet]
[2014/03/19 16:57:15.188364, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:846(regdb_open)
regdb_open: incrementing refcount (2->3)
[2014/03/19 16:57:15.188398, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find)
reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet]
[2014/03/19 16:57:15.188446, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/lib/adt_tree.c:367(pathtree_find)
pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet]
[2014/03/19 16:57:15.188507, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/lib/adt_tree.c:440(pathtree_find)
pathtree_find: Exit
[2014/03/19 16:57:15.188535, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find)
reghook_cache_find: found ops 0x7f5ddfbb7800 for key [\HKLM\SYSTEM\CurrentControlSet]
[2014/03/19 16:57:15.188591, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:2074(regdb_get_secdesc)
regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM\CurrentControlSet]
[2014/03/19 16:57:15.188635, 7, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel)
regkey_open_onelevel: name = [Control]
[2014/03/19 16:57:15.188667, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:846(regdb_open)
regdb_open: incrementing refcount (3->4)
[2014/03/19 16:57:15.188698, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find)
reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Control]
[2014/03/19 16:57:15.188726, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/lib/adt_tree.c:367(pathtree_find)
pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Control]
[2014/03/19 16:57:15.188766, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/lib/adt_tree.c:440(pathtree_find)
pathtree_find: Exit
[2014/03/19 16:57:15.188794, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find)
reghook_cache_find: found ops 0x7f5ddfbb7800 for key [\HKLM\SYSTEM\CurrentControlSet\Control]
[2014/03/19 16:57:15.188839, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:2074(regdb_get_secdesc)
regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM\CurrentControlSet\Control]
[2014/03/19 16:57:15.188881, 7, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel)
regkey_open_onelevel: name = [Print]
[2014/03/19 16:57:15.188923, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:846(regdb_open)
regdb_open: incrementing refcount (4->5)
[2014/03/19 16:57:15.188954, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find)
reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Control\Print]
[2014/03/19 16:57:15.188982, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/lib/adt_tree.c:367(pathtree_find)
pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Control\Print]
[2014/03/19 16:57:15.189053, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/lib/adt_tree.c:440(pathtree_find)
pathtree_find: Exit
[2014/03/19 16:57:15.189087, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find)
reghook_cache_find: found ops 0x7f5ddfbb7800 for key [\HKLM\SYSTEM\CurrentControlSet\Control\Print]
[2014/03/19 16:57:15.189139, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:2074(regdb_get_secdesc)
regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM\CurrentControlSet\Control\Print]
[2014/03/19 16:57:15.189185, 7, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel)
regkey_open_onelevel: name = [Environments]
[2014/03/19 16:57:15.189227, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:846(regdb_open)
regdb_open: incrementing refcount (5->6)
[2014/03/19 16:57:15.189258, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find)
reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Control\Print\Environments]
[2014/03/19 16:57:15.189287, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/lib/adt_tree.c:367(pathtree_find)
pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Control\Print\Environments]
[2014/03/19 16:57:15.189317, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/lib/adt_tree.c:440(pathtree_find)
pathtree_find: Exit
[2014/03/19 16:57:15.189345, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find)
reghook_cache_find: found ops 0x7f5ddfbb7800 for key [\HKLM\SYSTEM\CurrentControlSet\Control\Print\Environments]
[2014/03/19 16:57:15.189397, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:2074(regdb_get_secdesc)
regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM\CurrentControlSet\Control\Print\Environments]
[2014/03/19 16:57:15.189454, 7, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel)
regkey_open_onelevel: name = [Windows IA64]
[2014/03/19 16:57:15.189486, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:846(regdb_open)
regdb_open: incrementing refcount (6->7)
[2014/03/19 16:57:15.189526, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find)
reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Control\Print\Environments\Windows IA64]
[2014/03/19 16:57:15.189556, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/lib/adt_tree.c:367(pathtree_find)
pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Control\Print\Environments\Windows IA64]
[2014/03/19 16:57:15.189587, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/lib/adt_tree.c:440(pathtree_find)
pathtree_find: Exit
[2014/03/19 16:57:15.189615, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find)
reghook_cache_find: found ops 0x7f5ddfbb7800 for key [\HKLM\SYSTEM\CurrentControlSet\Control\Print\Environments\Windows IA64]
[2014/03/19 16:57:15.189650, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:1725(regdb_fetch_keys_internal)
key [HKLM\SYSTEM\CurrentControlSet\Control\Print\Environments\Windows IA64] not found
[2014/03/19 16:57:15.189691, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:883(regdb_close)
regdb_close: decrementing refcount (7->6)
[2014/03/19 16:57:15.189722, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:883(regdb_close)
regdb_close: decrementing refcount (6->5)
[2014/03/19 16:57:15.189756, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:883(regdb_close)
regdb_close: decrementing refcount (5->4)
[2014/03/19 16:57:15.189785, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:883(regdb_close)
regdb_close: decrementing refcount (4->3)
[2014/03/19 16:57:15.189814, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:883(regdb_close)
regdb_close: decrementing refcount (3->2)
[2014/03/19 16:57:15.189853, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:883(regdb_close)
regdb_close: decrementing refcount (2->1)
[2014/03/19 16:57:15.189883, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug)
winreg_OpenKey: struct winreg_OpenKey
out: struct winreg_OpenKey
handle : *
handle: struct policy_handle
handle_type : 0x00000000 (0)
uuid : 00000000-0000-0000-0000-000000000000
result : WERR_BADFILE
[2014/03/19 16:57:15.189988, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug)
winreg_CloseKey: struct winreg_CloseKey
in: struct winreg_CloseKey
handle : *
handle: struct policy_handle
handle_type : 0x00000000 (0)
uuid : 0000001d-0000-0000-2953-5bbe88600000
[2014/03/19 16:57:15.190168, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal)
Found policy hnd[0] [0000] 00 00 00 00 1D 00 00 00 00 00 00 00 29 53 5B BE ........ ....)S[.
[0010] 88 60 00 00 .`..
[2014/03/19 16:57:15.190220, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal)
Found policy hnd[0] [0000] 00 00 00 00 1D 00 00 00 00 00 00 00 29 53 5B BE ........ ....)S[.
[0010] 88 60 00 00 .`..
[2014/03/19 16:57:15.190268, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:388(close_policy_hnd)
Closed policy
[2014/03/19 16:57:15.190297, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:883(regdb_close)
regdb_close: decrementing refcount (1->0)
[2014/03/19 16:57:15.190344, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug)
winreg_CloseKey: struct winreg_CloseKey
out: struct winreg_CloseKey
handle : *
handle: struct policy_handle
handle_type : 0x00000000 (0)
uuid : 00000000-0000-0000-0000-000000000000
result : WERR_OK
[2014/03/19 16:57:15.190464, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/rpc_client/cli_winreg_spoolss.c:3897(winreg_get_driver_list)
winreg_get_driver_list: Could not open key (Windows IA64,2): WERR_BADFILE
[2014/03/19 16:57:15.190498, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/spoolss/srv_spoolss_nt.c:7548(enumprinterdrivers_level_by_architecture)
we have:[0] drivers in environment [Windows IA64] and version [2]
[2014/03/19 16:57:15.190540, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug)
winreg_OpenHKLM: struct winreg_OpenHKLM
in: struct winreg_OpenHKLM
system_name : NULL
access_mask : 0x02000000 (33554432)
0: KEY_QUERY_VALUE
0: KEY_SET_VALUE
0: KEY_CREATE_SUB_KEY
0: KEY_ENUMERATE_SUB_KEYS
0: KEY_NOTIFY
0: KEY_CREATE_LINK
0: KEY_WOW64_64KEY
0: KEY_WOW64_32KEY
[2014/03/19 16:57:15.190692, 7, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel)
regkey_open_onelevel: name = [HKLM]
[2014/03/19 16:57:15.190723, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/sec_ctx.c:216(push_sec_ctx)
push_sec_ctx(100000500, 100000513) : sec_ctx_stack_ndx = 2
[2014/03/19 16:57:15.190753, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/uid.c:491(push_conn_ctx)
push_conn_ctx(4269076555) : conn_ctx_stack_ndx = 0
[2014/03/19 16:57:15.190782, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/sec_ctx.c:316(set_sec_ctx)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2
[2014/03/19 16:57:15.190811, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../libcli/security/security_token.c:53(security_token_debug)
Security token: (NULL)
[2014/03/19 16:57:15.190839, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/auth/token_util.c:528(debug_unix_user_token)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
[2014/03/19 16:57:15.190913, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/sec_ctx.c:424(pop_sec_ctx)
pop_sec_ctx (100000500, 100000513) - sec_ctx_stack_ndx = 1
[2014/03/19 16:57:15.190955, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:866(regdb_open)
regdb_open: registry db opened. refcount reset (1)
[2014/03/19 16:57:15.190987, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find)
reghook_cache_find: Searching for keyname [\HKLM]
[2014/03/19 16:57:15.191036, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/lib/adt_tree.c:367(pathtree_find)
pathtree_find: Enter [\HKLM]
[2014/03/19 16:57:15.191073, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/lib/adt_tree.c:440(pathtree_find)
pathtree_find: Exit
[2014/03/19 16:57:15.191112, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find)
reghook_cache_find: found ops 0x7f5ddfbb7800 for key [\HKLM]
[2014/03/19 16:57:15.191167, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:2074(regdb_get_secdesc)
regdb_get_secdesc: Getting secdesc of key [HKLM]
[2014/03/19 16:57:15.191210, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../libcli/security/access_check.c:188(se_access_check)
se_access_check: MAX desired = 0x2000000, granted = 0xf003f, remaining = 0xf003f
[2014/03/19 16:57:15.191256, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:304(create_rpc_handle_internal)
Opened policy hnd[1] [0000] 00 00 00 00 1E 00 00 00 00 00 00 00 29 53 5B BE ........ ....)S[.
[0010] 88 60 00 00 .`..
[2014/03/19 16:57:15.191308, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug)
winreg_OpenHKLM: struct winreg_OpenHKLM
out: struct winreg_OpenHKLM
handle : *
handle: struct policy_handle
handle_type : 0x00000000 (0)
uuid : 0000001e-0000-0000-2953-5bbe88600000
result : WERR_OK
[2014/03/19 16:57:15.191439, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug)
winreg_OpenKey: struct winreg_OpenKey
in: struct winreg_OpenKey
parent_handle : *
parent_handle: struct policy_handle
handle_type : 0x00000000 (0)
uuid : 0000001e-0000-0000-2953-5bbe88600000
keyname: struct winreg_String
name_len : 0x00a6 (166)
name_size : 0x00a6 (166)
name : *
name : 'SYSTEM\CurrentControlSet\Control\Print\Environments\Windows IA64\Drivers\Version-3'
options : 0x00000000 (0)
0: REG_OPTION_VOLATILE
0: REG_OPTION_CREATE_LINK
0: REG_OPTION_BACKUP_RESTORE
0: REG_OPTION_OPEN_LINK
access_mask : 0x02000000 (33554432)
0: KEY_QUERY_VALUE
0: KEY_SET_VALUE
0: KEY_CREATE_SUB_KEY
0: KEY_ENUMERATE_SUB_KEYS
0: KEY_NOTIFY
0: KEY_CREATE_LINK
0: KEY_WOW64_64KEY
0: KEY_WOW64_32KEY
[2014/03/19 16:57:15.191734, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal)
Found policy hnd[0] [0000] 00 00 00 00 1E 00 00 00 00 00 00 00 29 53 5B BE ........ ....)S[.
[0010] 88 60 00 00 .`..
[2014/03/19 16:57:15.191787, 7, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel)
regkey_open_onelevel: name = [SYSTEM]
[2014/03/19 16:57:15.191817, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:846(regdb_open)
regdb_open: incrementing refcount (1->2)
[2014/03/19 16:57:15.191847, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find)
reghook_cache_find: Searching for keyname [\HKLM\SYSTEM]
[2014/03/19 16:57:15.191875, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/lib/adt_tree.c:367(pathtree_find)
pathtree_find: Enter [\HKLM\SYSTEM]
[2014/03/19 16:57:15.191914, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/lib/adt_tree.c:440(pathtree_find)
pathtree_find: Exit
[2014/03/19 16:57:15.191942, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find)
reghook_cache_find: found ops 0x7f5ddfbb7800 for key [\HKLM\SYSTEM]
[2014/03/19 16:57:15.191982, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:2074(regdb_get_secdesc)
regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM]
[2014/03/19 16:57:15.192052, 7, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel)
regkey_open_onelevel: name = [CurrentControlSet]
[2014/03/19 16:57:15.192086, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:846(regdb_open)
regdb_open: incrementing refcount (2->3)
[2014/03/19 16:57:15.192122, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find)
reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet]
[2014/03/19 16:57:15.192151, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/lib/adt_tree.c:367(pathtree_find)
pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet]
[2014/03/19 16:57:15.192190, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/lib/adt_tree.c:440(pathtree_find)
pathtree_find: Exit
[2014/03/19 16:57:15.192219, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find)
reghook_cache_find: found ops 0x7f5ddfbb7800 for key [\HKLM\SYSTEM\CurrentControlSet]
[2014/03/19 16:57:15.192263, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:2074(regdb_get_secdesc)
regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM\CurrentControlSet]
[2014/03/19 16:57:15.192305, 7, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel)
regkey_open_onelevel: name = [Control]
[2014/03/19 16:57:15.192345, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:846(regdb_open)
regdb_open: incrementing refcount (3->4)
[2014/03/19 16:57:15.192377, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find)
reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Control]
[2014/03/19 16:57:15.192411, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/lib/adt_tree.c:367(pathtree_find)
pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Control]
[2014/03/19 16:57:15.192441, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/lib/adt_tree.c:440(pathtree_find)
pathtree_find: Exit
[2014/03/19 16:57:15.192469, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find)
reghook_cache_find: found ops 0x7f5ddfbb7800 for key [\HKLM\SYSTEM\CurrentControlSet\Control]
[2014/03/19 16:57:15.192522, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:2074(regdb_get_secdesc)
regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM\CurrentControlSet\Control]
[2014/03/19 16:57:15.192564, 7, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel)
regkey_open_onelevel: name = [Print]
[2014/03/19 16:57:15.192595, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:846(regdb_open)
regdb_open: incrementing refcount (4->5)
[2014/03/19 16:57:15.192625, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find)
reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Control\Print]
[2014/03/19 16:57:15.192654, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/lib/adt_tree.c:367(pathtree_find)
pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Control\Print]
[2014/03/19 16:57:15.192684, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/lib/adt_tree.c:440(pathtree_find)
pathtree_find: Exit
[2014/03/19 16:57:15.192712, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find)
reghook_cache_find: found ops 0x7f5ddfbb7800 for key [\HKLM\SYSTEM\CurrentControlSet\Control\Print]
[2014/03/19 16:57:15.192760, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:2074(regdb_get_secdesc)
regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM\CurrentControlSet\Control\Print]
[2014/03/19 16:57:15.192804, 7, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel)
regkey_open_onelevel: name = [Environments]
[2014/03/19 16:57:15.192846, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:846(regdb_open)
regdb_open: incrementing refcount (5->6)
[2014/03/19 16:57:15.192877, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find)
reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Control\Print\Environments]
[2014/03/19 16:57:15.192905, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/lib/adt_tree.c:367(pathtree_find)
pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Control\Print\Environments]
[2014/03/19 16:57:15.192935, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/lib/adt_tree.c:440(pathtree_find)
pathtree_find: Exit
[2014/03/19 16:57:15.192963, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find)
reghook_cache_find: found ops 0x7f5ddfbb7800 for key [\HKLM\SYSTEM\CurrentControlSet\Control\Print\Environments]
[2014/03/19 16:57:15.193045, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:2074(regdb_get_secdesc)
regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM\CurrentControlSet\Control\Print\Environments]
[2014/03/19 16:57:15.193097, 7, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel)
regkey_open_onelevel: name = [Windows IA64]
[2014/03/19 16:57:15.193140, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:846(regdb_open)
regdb_open: incrementing refcount (6->7)
[2014/03/19 16:57:15.193171, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find)
reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Control\Print\Environments\Windows IA64]
[2014/03/19 16:57:15.193200, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/lib/adt_tree.c:367(pathtree_find)
pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Control\Print\Environments\Windows IA64]
[2014/03/19 16:57:15.193230, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/lib/adt_tree.c:440(pathtree_find)
pathtree_find: Exit
[2014/03/19 16:57:15.193258, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find)
reghook_cache_find: found ops 0x7f5ddfbb7800 for key [\HKLM\SYSTEM\CurrentControlSet\Control\Print\Environments\Windows IA64]
[2014/03/19 16:57:15.193303, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:1725(regdb_fetch_keys_internal)
key [HKLM\SYSTEM\CurrentControlSet\Control\Print\Environments\Windows IA64] not found
[2014/03/19 16:57:15.193334, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:883(regdb_close)
regdb_close: decrementing refcount (7->6)
[2014/03/19 16:57:15.193377, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:883(regdb_close)
regdb_close: decrementing refcount (6->5)
[2014/03/19 16:57:15.193408, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:883(regdb_close)
regdb_close: decrementing refcount (5->4)
[2014/03/19 16:57:15.193453, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:883(regdb_close)
regdb_close: decrementing refcount (4->3)
[2014/03/19 16:57:15.193483, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:883(regdb_close)
regdb_close: decrementing refcount (3->2)
[2014/03/19 16:57:15.193511, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:883(regdb_close)
regdb_close: decrementing refcount (2->1)
[2014/03/19 16:57:15.193539, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug)
winreg_OpenKey: struct winreg_OpenKey
out: struct winreg_OpenKey
handle : *
handle: struct policy_handle
handle_type : 0x00000000 (0)
uuid : 00000000-0000-0000-0000-000000000000
result : WERR_BADFILE
[2014/03/19 16:57:15.193656, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug)
winreg_CloseKey: struct winreg_CloseKey
in: struct winreg_CloseKey
handle : *
handle: struct policy_handle
handle_type : 0x00000000 (0)
uuid : 0000001e-0000-0000-2953-5bbe88600000
[2014/03/19 16:57:15.193755, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal)
Found policy hnd[0] [0000] 00 00 00 00 1E 00 00 00 00 00 00 00 29 53 5B BE ........ ....)S[.
[0010] 88 60 00 00 .`..
[2014/03/19 16:57:15.193813, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal)
Found policy hnd[0] [0000] 00 00 00 00 1E 00 00 00 00 00 00 00 29 53 5B BE ........ ....)S[.
[0010] 88 60 00 00 .`..
[2014/03/19 16:57:15.193862, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:388(close_policy_hnd)
Closed policy
[2014/03/19 16:57:15.193890, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=registry] ../source3/registry/reg_backend_db.c:883(regdb_close)
regdb_close: decrementing refcount (1->0)
[2014/03/19 16:57:15.193937, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug)
winreg_CloseKey: struct winreg_CloseKey
out: struct winreg_CloseKey
handle : *
handle: struct policy_handle
handle_type : 0x00000000 (0)
uuid : 00000000-0000-0000-0000-000000000000
result : WERR_OK
[2014/03/19 16:57:15.194102, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/rpc_client/cli_winreg_spoolss.c:3897(winreg_get_driver_list)
winreg_get_driver_list: Could not open key (Windows IA64,3): WERR_BADFILE
[2014/03/19 16:57:15.194139, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/spoolss/srv_spoolss_nt.c:7548(enumprinterdrivers_level_by_architecture)
we have:[0] drivers in environment [Windows IA64] and version [3]
[2014/03/19 16:57:15.194169, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:418(close_policy_by_pipe)
Deleted handle list for RPC connection winreg
[2014/03/19 16:57:15.194216, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug)
spoolss_EnumPrinterDrivers: struct spoolss_EnumPrinterDrivers
out: struct spoolss_EnumPrinterDrivers
count : *
count : 0x00000000 (0)
info : *
info : NULL
needed : *
needed : 0x00000000 (0)
result : WERR_OK
[2014/03/19 16:57:15.194341, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1384(api_rpcTNP)
api_rpcTNP: called spoolss successfully
[2014/03/19 16:57:15.194382, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/sec_ctx.c:424(pop_sec_ctx)
pop_sec_ctx (100000500, 100000513) - sec_ctx_stack_ndx = 0
[2014/03/19 16:57:15.194419, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:402(ndr_print_debug)
&r: struct ncacn_packet
rpc_vers : 0x05 (5)
rpc_vers_minor : 0x00 (0)
ptype : DCERPC_PKT_RESPONSE (2)
pfc_flags : 0x03 (3)
1: DCERPC_PFC_FLAG_FIRST
1: DCERPC_PFC_FLAG_LAST
0: DCERPC_PFC_FLAG_PENDING_CANCEL_OR_HDR_SIGNING
0: DCERPC_PFC_FLAG_CONC_MPX
0: DCERPC_PFC_FLAG_DID_NOT_EXECUTE
0: DCERPC_PFC_FLAG_MAYBE
0: DCERPC_PFC_FLAG_OBJECT_UUID
drep: ARRAY(4)
[0] : 0x10 (16)
[1] : 0x00 (0)
[2] : 0x00 (0)
[3] : 0x00 (0)
frag_length : 0x042c (1068)
auth_length : 0x0000 (0)
call_id : 0x00000002 (2)
u : union dcerpc_payload(case 2)
response: struct dcerpc_response
alloc_hint : 0x00000414 (1044)
context_id : 0x0000 (0)
cancel_count : 0x00 (0)
_pad : DATA_BLOB length=0
stub_and_verifier : DATA_BLOB length=1044
[0000] 0C 00 02 00 00 04 00 00 00 00 00 00 00 00 00 00 ........ ........
[0010] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0020] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0030] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0040] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0050] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0060] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0070] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0080] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0090] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[00A0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[00B0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[00C0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[00D0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[00E0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[00F0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0100] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0110] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0120] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0130] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0140] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0150] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0160] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0170] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0180] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0190] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[01A0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[01B0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[01C0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[01D0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[01E0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[01F0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0200] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0210] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0220] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0230] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0240] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0250] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0260] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0270] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0280] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0290] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[02A0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[02B0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[02C0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[02D0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[02E0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[02F0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0300] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0310] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0320] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0330] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0340] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0350] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0360] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0370] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0380] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0390] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[03A0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[03B0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[03C0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[03D0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[03E0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[03F0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0400] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0410] 00 00 00 00 ....
[2014/03/19 16:57:15.196853, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/rpc_server/rpc_server.c:509(named_pipe_packet_process)
Sending 1 fragments in a total of 1044 bytes
[2014/03/19 16:57:15.196883, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/rpc_server/rpc_server.c:514(named_pipe_packet_process)
Sending PDU number: 0, PDU Length: 1068
[2014/03/19 16:57:15.196932, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1459(smbd_smb2_request_pending_timer)
smbd_smb2_request_pending_queue: opcode[SMB2_OP_IOCTL] mid 56 going async
[2014/03/19 16:57:15.196980, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:893(smb2_set_operation_credit)
smb2_set_operation_credit: requested 1, charge 1, granted 1, current possible/max 482/512, total granted/max/low/range 31/8192/57/31
[2014/03/19 16:57:15.197065, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1554(smbd_smb2_request_pending_timer)
state->vector[0/5].iov_len = 4
state->vector[1/5].iov_len = 0
state->vector[2/5].iov_len = 64
state->vector[3/5].iov_len = 8
state->vector[4/5].iov_len = 1
[2014/03/19 16:57:15.197232, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe_hnd.c:417(np_read_recv)
Received 1024 bytes. There is more data outstanding
[2014/03/19 16:57:15.197278, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl_named_pipe.c:169(smbd_smb2_ioctl_pipe_read_done)
smbd_smb2_ioctl_pipe_read_done: np_read_recv nread = 1024 is_data_outstanding = 1, status = NT_STATUS_OK
[2014/03/19 16:57:15.197310, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl.c:291(smbd_smb2_request_ioctl_done)
smbd_smb2_request_ioctl_done: smbd_smb2_ioctl_recv returned 1024 status STATUS_BUFFER_OVERFLOW
[2014/03/19 16:57:15.197340, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:2548(smbd_smb2_request_done_ex)
smbd_smb2_request_done_ex: idx[1] status[STATUS_BUFFER_OVERFLOW] body[48] dyn[yes:1024] at ../source3/smbd/smb2_ioctl.c:358
[2014/03/19 16:57:15.197370, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:893(smb2_set_operation_credit)
smb2_set_operation_credit: requested 1, charge 1, granted 0, current possible/max 481/512, total granted/max/low/range 31/8192/57/31
[2014/03/19 16:57:15.197614, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:3312(smbd_smb2_io_handler)
smbd_smb2_request idx[1] of 5 vectors
[2014/03/19 16:57:15.197651, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:640(smb2_validate_sequence_number)
smb2_validate_sequence_number: clearing id 57 (position 57) from bitmap
[2014/03/19 16:57:15.197682, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1923(smbd_smb2_request_dispatch)
smbd_smb2_request_dispatch: opcode[SMB2_OP_READ] mid = 57
[2014/03/19 16:57:15.197737, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/uid.c:384(change_to_user)
Skipping user change - already user
[2014/03/19 16:57:15.197769, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1825(smbd_smb2_request_verify_creditcharge)
mid 57, CreditCharge: 1, NeededCharge: 1
[2014/03/19 16:57:15.197799, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_read.c:399(smbd_smb2_read_send)
smbd_smb2_read: spoolss - fnum 2802294924
smbd_smb2_request_pending_queue: req->current_idx = 1
req->in.vector[0].iov_len = 0
req->in.vector[1].iov_len = 0
req->in.vector[2].iov_len = 64
req->in.vector[3].iov_len = 48
req->in.vector[4].iov_len = 1
req->out.vector[0].iov_len = 4
req->out.vector[1].iov_len = 0
req->out.vector[2].iov_len = 64
req->out.vector[3].iov_len = 8
req->out.vector[4].iov_len = 0
[2014/03/19 16:57:15.197976, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe_hnd.c:417(np_read_recv)
Received 44 bytes. There is no more data outstanding
[2014/03/19 16:57:15.198162, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:2548(smbd_smb2_request_done_ex)
smbd_smb2_request_done_ex: idx[1] status[NT_STATUS_OK] body[16] dyn[yes:44] at ../source3/smbd/smb2_read.c:154
[2014/03/19 16:57:15.198212, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:893(smb2_set_operation_credit)
smb2_set_operation_credit: requested 1, charge 1, granted 1, current possible/max 482/512, total granted/max/low/range 31/8192/58/31
[2014/03/19 16:57:15.198690, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:3312(smbd_smb2_io_handler)
smbd_smb2_request idx[1] of 5 vectors
[2014/03/19 16:57:15.198725, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:640(smb2_validate_sequence_number)
smb2_validate_sequence_number: clearing id 58 (position 58) from bitmap
[2014/03/19 16:57:15.198753, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1923(smbd_smb2_request_dispatch)
smbd_smb2_request_dispatch: opcode[SMB2_OP_CLOSE] mid = 58
[2014/03/19 16:57:15.198783, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/uid.c:384(change_to_user)
Skipping user change - already user
[2014/03/19 16:57:15.198813, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_close.c:185(smbd_smb2_close)
smbd_smb2_close: spoolss - fnum 2802294924
[2014/03/19 16:57:15.198868, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap.c:178(dbwrap_check_lock_order)
check lock order 1 for /var/lib/samba/smbXsrv_open_global.tdb
[2014/03/19 16:57:15.198895, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order)
lock order: 1:/var/lib/samba/smbXsrv_open_global.tdb 2:<none> 3:<none>
[2014/03/19 16:57:15.198923, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key)
Locking key B58C28E8
[2014/03/19 16:57:15.198954, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap_tdb.c:143(db_tdb_fetch_locked_internal)
Allocated locked data 0x0x7f5de586da50
[2014/03/19 16:57:15.199068, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key)
Unlocking key B58C28E8
[2014/03/19 16:57:15.199102, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap.c:146(dbwrap_lock_order_state_destructor)
release lock order 1 for /var/lib/samba/smbXsrv_open_global.tdb
[2014/03/19 16:57:15.199131, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order)
lock order: 1:<none> 2:<none> 3:<none>
[2014/03/19 16:57:15.199170, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:418(close_policy_by_pipe)
Deleted handle list for RPC connection spoolss
[2014/03/19 16:57:15.199209, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/files.c:524(file_free)
freed files structure 2802294924 (0 used)
[2014/03/19 16:57:15.199241, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:2548(smbd_smb2_request_done_ex)
smbd_smb2_request_done_ex: idx[1] status[NT_STATUS_OK] body[60] dyn[no:0] at ../source3/smbd/smb2_close.c:139
[2014/03/19 16:57:15.199272, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:893(smb2_set_operation_credit)
smb2_set_operation_credit: requested 1, charge 1, granted 1, current possible/max 482/512, total granted/max/low/range 31/8192/59/31
[2014/03/19 16:57:15.203207, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:3312(smbd_smb2_io_handler)
smbd_smb2_request idx[1] of 5 vectors
[2014/03/19 16:57:15.203244, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:640(smb2_validate_sequence_number)
smb2_validate_sequence_number: clearing id 59 (position 59) from bitmap
[2014/03/19 16:57:15.203306, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1923(smbd_smb2_request_dispatch)
smbd_smb2_request_dispatch: opcode[SMB2_OP_CREATE] mid = 59
[2014/03/19 16:57:15.203336, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/uid.c:384(change_to_user)
Skipping user change - already user
[2014/03/19 16:57:15.203368, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_create.c:447(smbd_smb2_create_send)
smbd_smb2_create: name[spoolss]
[2014/03/19 16:57:15.203404, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap.c:178(dbwrap_check_lock_order)
check lock order 1 for /var/lib/samba/smbXsrv_open_global.tdb
[2014/03/19 16:57:15.203442, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order)
lock order: 1:/var/lib/samba/smbXsrv_open_global.tdb 2:<none> 3:<none>
[2014/03/19 16:57:15.203471, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key)
Locking key 30072C75
[2014/03/19 16:57:15.203502, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap_tdb.c:143(db_tdb_fetch_locked_internal)
Allocated locked data 0x0x7f5de586c220
[2014/03/19 16:57:15.203559, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smbXsrv_open.c:698(smbXsrv_open_global_store)
smbXsrv_open_global_store: key '30072C75' stored
[2014/03/19 16:57:15.203603, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:402(ndr_print_debug)
&global_blob: struct smbXsrv_open_globalB
version : SMBXSRV_VERSION_0 (0)
seqnum : 0x00000001 (1)
info : union smbXsrv_open_globalU(case 0)
info0 : *
info0: struct smbXsrv_open_global0
db_rec : *
server_id: struct server_id
pid : 0x0000000000006088 (24712)
task_id : 0x00000000 (0)
vnn : 0xffffffff (4294967295)
unique_id : 0xbaf687627b33e8dd (-4974639881340589859)
open_global_id : 0x30072c75 (805776501)
open_persistent_id : 0x0000000030072c75 (805776501)
open_volatile_id : 0x000000002e6f3cc1 (779041985)
open_owner : S-1-5-21-2999458101-3634337955-1355572417-500
open_time : Wed Mar 19 04:57:15 PM 2014 CET
create_guid : 00000000-0000-0000-0000-000000000000
client_guid : fb516d75-adcf-11e3-a4ab-0800274a4c7e
app_instance_id : 00000000-0000-0000-0000-000000000000
disconnect_time : NTTIME(0)
durable_timeout_msec : 0x00000000 (0)
durable : 0x00 (0)
backend_cookie : DATA_BLOB length=0
[2014/03/19 16:57:15.203921, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key)
Unlocking key 30072C75
[2014/03/19 16:57:15.203952, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap.c:146(dbwrap_lock_order_state_destructor)
release lock order 1 for /var/lib/samba/smbXsrv_open_global.tdb
[2014/03/19 16:57:15.203981, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order)
lock order: 1:<none> 2:<none> 3:<none>
[2014/03/19 16:57:15.204037, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smbXsrv_open.c:871(smbXsrv_open_create)
smbXsrv_open_create: global_id (0x30072c75) stored
[2014/03/19 16:57:15.204079, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:402(ndr_print_debug)
&open_blob: struct smbXsrv_openB
version : SMBXSRV_VERSION_0 (0)
reserved : 0x00000000 (0)
info : union smbXsrv_openU(case 0)
info0 : *
info0: struct smbXsrv_open
table : *
db_rec : NULL
local_id : 0x2e6f3cc1 (779041985)
global : *
global: struct smbXsrv_open_global0
db_rec : NULL
server_id: struct server_id
pid : 0x0000000000006088 (24712)
task_id : 0x00000000 (0)
vnn : 0xffffffff (4294967295)
unique_id : 0xbaf687627b33e8dd (-4974639881340589859)
open_global_id : 0x30072c75 (805776501)
open_persistent_id : 0x0000000030072c75 (805776501)
open_volatile_id : 0x000000002e6f3cc1 (779041985)
open_owner : S-1-5-21-2999458101-3634337955-1355572417-500
open_time : Wed Mar 19 04:57:15 PM 2014 CET
create_guid : 00000000-0000-0000-0000-000000000000
client_guid : fb516d75-adcf-11e3-a4ab-0800274a4c7e
app_instance_id : 00000000-0000-0000-0000-000000000000
disconnect_time : NTTIME(0)
durable_timeout_msec : 0x00000000 (0)
durable : 0x00 (0)
backend_cookie : DATA_BLOB length=0
status : NT_STATUS_OK
idle_time : Wed Mar 19 04:57:15 PM 2014 CET
compat : NULL
[2014/03/19 16:57:15.204475, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/files.c:125(file_new)
allocated file structure fnum 779041985 (1 used)
[2014/03/19 16:57:15.204517, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/files.c:752(file_name_hash)
file_name_hash: /tmp/spoolss hash 0x7d4e46e5
[2014/03/19 16:57:15.204553, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_ncacn_np.c:89(make_internal_rpc_pipe_socketpair)
Create of internal pipe spoolss requested
[2014/03/19 16:57:15.204626, 8, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/dosmode.c:698(dos_mode)
dos_mode: spoolss
[2014/03/19 16:57:15.204663, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_create.c:1090(smbd_smb2_create_send)
smbd_smb2_create_send: spoolss - fnum 779041985
[2014/03/19 16:57:15.204708, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:2548(smbd_smb2_request_done_ex)
smbd_smb2_request_done_ex: idx[1] status[NT_STATUS_OK] body[88] dyn[yes:0] at ../source3/smbd/smb2_create.c:364
[2014/03/19 16:57:15.204740, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:893(smb2_set_operation_credit)
smb2_set_operation_credit: requested 1, charge 1, granted 1, current possible/max 482/512, total granted/max/low/range 31/8192/60/31
[2014/03/19 16:57:15.205161, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:3312(smbd_smb2_io_handler)
smbd_smb2_request idx[1] of 5 vectors
[2014/03/19 16:57:15.205216, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:640(smb2_validate_sequence_number)
smb2_validate_sequence_number: clearing id 60 (position 60) from bitmap
[2014/03/19 16:57:15.205247, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1923(smbd_smb2_request_dispatch)
smbd_smb2_request_dispatch: opcode[SMB2_OP_WRITE] mid = 60
[2014/03/19 16:57:15.205290, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/uid.c:384(change_to_user)
Skipping user change - already user
[2014/03/19 16:57:15.205331, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1825(smbd_smb2_request_verify_creditcharge)
mid 60, CreditCharge: 1, NeededCharge: 1
[2014/03/19 16:57:15.205360, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_write.c:271(smbd_smb2_write_send)
smbd_smb2_write: spoolss - fnum 779041985
[2014/03/19 16:57:15.205389, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe_hnd.c:172(np_write_send)
np_write_send: len: 160
smbd_smb2_request_pending_queue: req->current_idx = 1
req->in.vector[0].iov_len = 0
req->in.vector[1].iov_len = 0
req->in.vector[2].iov_len = 64
req->in.vector[3].iov_len = 48
req->in.vector[4].iov_len = 160
req->out.vector[0].iov_len = 4
req->out.vector[1].iov_len = 0
req->out.vector[2].iov_len = 64
req->out.vector[3].iov_len = 8
req->out.vector[4].iov_len = 0
[2014/03/19 16:57:15.205551, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:2548(smbd_smb2_request_done_ex)
smbd_smb2_request_done_ex: idx[1] status[NT_STATUS_OK] body[16] dyn[yes:0] at ../source3/smbd/smb2_write.c:150
[2014/03/19 16:57:15.205582, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:893(smb2_set_operation_credit)
smb2_set_operation_credit: requested 1, charge 1, granted 1, current possible/max 482/512, total granted/max/low/range 31/8192/61/31
[2014/03/19 16:57:15.205747, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/rpc_server/rpc_server.c:441(named_pipe_packet_process)
PDU is in Little Endian format!
[2014/03/19 16:57:15.205782, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1564(process_complete_pdu)
Processing packet type 11
[2014/03/19 16:57:15.205824, 3, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:598(api_pipe_bind_req)
api_pipe_bind_req: spoolss -> spoolss rpc service
[2014/03/19 16:57:15.205913, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:631(api_pipe_bind_req)
api_pipe_bind_req: make response. 631
[2014/03/19 16:57:15.205954, 3, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:343(check_bind_req)
check_bind_req for spoolss
[2014/03/19 16:57:15.205983, 3, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:350(check_bind_req)
check_bind_req: spoolss -> spoolss rpc service
[2014/03/19 16:57:15.206068, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:223(init_pipe_handles)
init_pipe_handle_list: created handle list for pipe spoolss
[2014/03/19 16:57:15.206099, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:240(init_pipe_handles)
init_pipe_handle_list: pipe_handles ref count = 1 for pipe spoolss
[2014/03/19 16:57:15.206160, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:402(ndr_print_debug)
&r: struct ncacn_packet
rpc_vers : 0x05 (5)
rpc_vers_minor : 0x00 (0)
ptype : DCERPC_PKT_BIND_ACK (12)
pfc_flags : 0x03 (3)
1: DCERPC_PFC_FLAG_FIRST
1: DCERPC_PFC_FLAG_LAST
0: DCERPC_PFC_FLAG_PENDING_CANCEL_OR_HDR_SIGNING
0: DCERPC_PFC_FLAG_CONC_MPX
0: DCERPC_PFC_FLAG_DID_NOT_EXECUTE
0: DCERPC_PFC_FLAG_MAYBE
0: DCERPC_PFC_FLAG_OBJECT_UUID
drep: ARRAY(4)
[0] : 0x10 (16)
[1] : 0x00 (0)
[2] : 0x00 (0)
[3] : 0x00 (0)
frag_length : 0x0044 (68)
auth_length : 0x0000 (0)
call_id : 0x00000002 (2)
u : union dcerpc_payload(case 12)
bind_ack: struct dcerpc_bind_ack
max_xmit_frag : 0x10b8 (4280)
max_recv_frag : 0x10b8 (4280)
assoc_group_id : 0x000053f0 (21488)
secondary_address_size : 0x000e (14)
secondary_address : '\PIPE\spoolss'
_pad1 : DATA_BLOB length=0
num_results : 0x01 (1)
ctx_list: ARRAY(1)
ctx_list: struct dcerpc_ack_ctx
result : DCERPC_BIND_ACK_RESULT_ACCEPTANCE (0)
reason : union dcerpc_bind_ack_reason(case 0)
value : DCERPC_BIND_ACK_REASON_NOT_SPECIFIED (0)
syntax: struct ndr_syntax_id
uuid : 8a885d04-1ceb-11c9-9fe8-08002b104860
if_version : 0x00000002 (2)
auth_info : DATA_BLOB length=0
[2014/03/19 16:57:15.206614, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/rpc_server/rpc_server.c:509(named_pipe_packet_process)
Sending 1 fragments in a total of 0 bytes
[2014/03/19 16:57:15.206641, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/rpc_server/rpc_server.c:514(named_pipe_packet_process)
Sending PDU number: 0, PDU Length: 68
[2014/03/19 16:57:15.206699, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:3312(smbd_smb2_io_handler)
smbd_smb2_request idx[1] of 5 vectors
[2014/03/19 16:57:15.206730, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:640(smb2_validate_sequence_number)
smb2_validate_sequence_number: clearing id 61 (position 61) from bitmap
[2014/03/19 16:57:15.206769, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1923(smbd_smb2_request_dispatch)
smbd_smb2_request_dispatch: opcode[SMB2_OP_READ] mid = 61
[2014/03/19 16:57:15.206798, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/uid.c:384(change_to_user)
Skipping user change - already user
[2014/03/19 16:57:15.206826, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1825(smbd_smb2_request_verify_creditcharge)
mid 61, CreditCharge: 1, NeededCharge: 1
[2014/03/19 16:57:15.206854, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_read.c:399(smbd_smb2_read_send)
smbd_smb2_read: spoolss - fnum 779041985
smbd_smb2_request_pending_queue: req->current_idx = 1
req->in.vector[0].iov_len = 0
req->in.vector[1].iov_len = 0
req->in.vector[2].iov_len = 64
req->in.vector[3].iov_len = 48
req->in.vector[4].iov_len = 1
req->out.vector[0].iov_len = 4
req->out.vector[1].iov_len = 0
req->out.vector[2].iov_len = 64
req->out.vector[3].iov_len = 8
req->out.vector[4].iov_len = 0
[2014/03/19 16:57:15.207133, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe_hnd.c:417(np_read_recv)
Received 68 bytes. There is no more data outstanding
[2014/03/19 16:57:15.207181, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:2548(smbd_smb2_request_done_ex)
smbd_smb2_request_done_ex: idx[1] status[NT_STATUS_OK] body[16] dyn[yes:68] at ../source3/smbd/smb2_read.c:154
[2014/03/19 16:57:15.207212, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:893(smb2_set_operation_credit)
smb2_set_operation_credit: requested 1, charge 1, granted 1, current possible/max 482/512, total granted/max/low/range 31/8192/62/31
[2014/03/19 16:57:15.207664, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:3312(smbd_smb2_io_handler)
smbd_smb2_request idx[1] of 5 vectors
[2014/03/19 16:57:15.207701, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:640(smb2_validate_sequence_number)
smb2_validate_sequence_number: clearing id 62 (position 62) from bitmap
[2014/03/19 16:57:15.207732, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1923(smbd_smb2_request_dispatch)
smbd_smb2_request_dispatch: opcode[SMB2_OP_IOCTL] mid = 62
[2014/03/19 16:57:15.207773, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/uid.c:384(change_to_user)
Skipping user change - already user
[2014/03/19 16:57:15.207805, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1825(smbd_smb2_request_verify_creditcharge)
mid 62, CreditCharge: 1, NeededCharge: 1
[2014/03/19 16:57:15.207835, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl.c:394(smbd_smb2_ioctl_send)
smbd_smb2_ioctl: ctl_code[0x0011c017] spoolss, fnum 779041985
[2014/03/19 16:57:15.207866, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl_named_pipe.c:61(smb2_ioctl_named_pipe)
smbd_smb2_ioctl_send: np_write_send of size 194
[2014/03/19 16:57:15.207894, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe_hnd.c:172(np_write_send)
np_write_send: len: 194
smbd_smb2_request_pending_queue: req->current_idx = 1
req->in.vector[0].iov_len = 0
req->in.vector[1].iov_len = 0
req->in.vector[2].iov_len = 64
req->in.vector[3].iov_len = 56
req->in.vector[4].iov_len = 194
req->out.vector[0].iov_len = 4
req->out.vector[1].iov_len = 0
req->out.vector[2].iov_len = 64
req->out.vector[3].iov_len = 8
req->out.vector[4].iov_len = 0
[2014/03/19 16:57:15.208100, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl_named_pipe.c:119(smbd_smb2_ioctl_pipe_write_done)
smbd_smb2_ioctl_pipe_write_done: received 194
[2014/03/19 16:57:15.208134, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl_named_pipe.c:140(smbd_smb2_ioctl_pipe_write_done)
smbd_smb2_ioctl_pipe_write_done: issuing np_read_send of size 1024
[2014/03/19 16:57:15.208196, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/rpc_server/rpc_server.c:441(named_pipe_packet_process)
PDU is in Little Endian format!
[2014/03/19 16:57:15.208240, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1564(process_complete_pdu)
Processing packet type 0
[2014/03/19 16:57:15.208269, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1439(dcesrv_auth_request)
Checking request auth.
[2014/03/19 16:57:15.208301, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/sec_ctx.c:216(push_sec_ctx)
push_sec_ctx(100000500, 100000513) : sec_ctx_stack_ndx = 1
[2014/03/19 16:57:15.208338, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/sec_ctx.c:316(set_sec_ctx)
setting sec ctx (100000500, 100000513) - sec_ctx_stack_ndx = 1
[2014/03/19 16:57:15.208378, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../libcli/security/security_token.c:63(security_token_debug)
Security token SIDs (21):
SID[ 0]: S-1-5-21-2999458101-3634337955-1355572417-500
SID[ 1]: S-1-5-21-2999458101-3634337955-1355572417-513
SID[ 2]: S-1-5-21-2999458101-3634337955-1355572417-520
SID[ 3]: S-1-5-21-2999458101-3634337955-1355572417-512
SID[ 4]: S-1-18-1
SID[ 5]: S-1-1-0
SID[ 6]: S-1-5-2
SID[ 7]: S-1-5-11
SID[ 8]: S-1-5-32-545
SID[ 9]: S-1-5-32-544
SID[ 10]: S-1-22-1-100000500
SID[ 11]: S-1-22-2-100000500
SID[ 12]: S-1-22-2-100000513
SID[ 13]: S-1-22-2-100000520
SID[ 14]: S-1-22-2-100000512
SID[ 15]: S-1-22-2-1000008
SID[ 16]: S-1-22-2-1000002
SID[ 17]: S-1-22-2-1000003
SID[ 18]: S-1-22-2-1000009
SID[ 19]: S-1-22-2-1000001
SID[ 20]: S-1-22-2-1000000
Privileges (0x 1FFFFFF0):
Privilege[ 0]: SeMachineAccountPrivilege
Privilege[ 1]: SeTakeOwnershipPrivilege
Privilege[ 2]: SeBackupPrivilege
Privilege[ 3]: SeRestorePrivilege
Privilege[ 4]: SeRemoteShutdownPrivilege
Privilege[ 5]: SePrintOperatorPrivilege
Privilege[ 6]: SeAddUsersPrivilege
Privilege[ 7]: SeDiskOperatorPrivilege
Privilege[ 8]: SeSecurityPrivilege
Privilege[ 9]: SeSystemtimePrivilege
Privilege[ 10]: SeShutdownPrivilege
Privilege[ 11]: SeDebugPrivilege
Privilege[ 12]: SeSystemEnvironmentPrivilege
Privilege[ 13]: SeSystemProfilePrivilege
Privilege[ 14]: SeProfileSingleProcessPrivilege
Privilege[ 15]: SeIncreaseBasePriorityPrivilege
Privilege[ 16]: SeLoadDriverPrivilege
Privilege[ 17]: SeCreatePagefilePrivilege
Privilege[ 18]: SeIncreaseQuotaPrivilege
Privilege[ 19]: SeChangeNotifyPrivilege
Privilege[ 20]: SeUndockPrivilege
Privilege[ 21]: SeManageVolumePrivilege
Privilege[ 22]: SeImpersonatePrivilege
Privilege[ 23]: SeCreateGlobalPrivilege
Privilege[ 24]: SeEnableDelegationPrivilege
Rights (0x 0):
[2014/03/19 16:57:15.209181, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/auth/token_util.c:528(debug_unix_user_token)
UNIX token of user 100000500
Primary group is 100000513 and contains 10 supplementary groups
Group[ 0]: 100000500
Group[ 1]: 100000513
Group[ 2]: 100000520
Group[ 3]: 100000512
Group[ 4]: 1000008
Group[ 5]: 1000002
Group[ 6]: 1000003
Group[ 7]: 1000009
Group[ 8]: 1000001
Group[ 9]: 1000000
[2014/03/19 16:57:15.209419, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/uid.c:452(smbd_become_authenticated_pipe_user)
Impersonated user: uid=(100000500,100000500), gid=(0,100000513)
[2014/03/19 16:57:15.209487, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1292(api_pipe_request)
Requested spoolss rpc service
[2014/03/19 16:57:15.209538, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1317(api_rpcTNP)
api_rpcTNP: spoolss op 0x45 - api_rpcTNP: rpc command: SPOOLSS_OPENPRINTEREX
[2014/03/19 16:57:15.209590, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1357(api_rpcTNP)
api_rpc_cmds[69].fn == 0x7f5de3038ac3
[2014/03/19 16:57:15.209682, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug)
spoolss_OpenPrinterEx: struct spoolss_OpenPrinterEx
in: struct spoolss_OpenPrinterEx
printername : *
printername : '\\samba'
datatype : NULL
devmode_ctr: struct spoolss_DevmodeContainer
_ndr_size : 0x00000000 (0)
devmode : NULL
access_mask : 0x00020002 (131074)
0: SERVER_ACCESS_ADMINISTER
1: SERVER_ACCESS_ENUMERATE
0: PRINTER_ACCESS_ADMINISTER
0: PRINTER_ACCESS_USE
0: JOB_ACCESS_ADMINISTER
0: JOB_ACCESS_READ
userlevel_ctr: struct spoolss_UserLevelCtr
level : 0x00000001 (1)
user_info : union spoolss_UserLevel(case 1)
level1 : *
level1: struct spoolss_UserLevel1
size : 0x00000028 (40)
client : *
client : 'WIN7CLI'
user : *
user : 'LEVEL1\Administrator'
build : 0x00001db1 (7601)
major : UNKNOWN_ENUM_VALUE (3)
minor : SPOOLSS_MINOR_VERSION_0 (0)
processor : PROCESSOR_ARCHITECTURE_AMD64 (9)
checking name: \\samba
[2014/03/19 16:57:15.210300, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/spoolss/srv_spoolss_nt.c:739(open_printer_hnd)
open_printer_hnd: name [\\samba]
[2014/03/19 16:57:15.210354, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:304(create_rpc_handle_internal)
Opened policy hnd[1] [0000] 00 00 00 00 1F 00 00 00 00 00 00 00 29 53 5B BE ........ ....)S[.
[0010] 88 60 00 00 .`..
[2014/03/19 16:57:15.210436, 3, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/spoolss/srv_spoolss_nt.c:507(set_printer_hnd_printertype)
Setting printer type=\\samba
Printer is a print server
[2014/03/19 16:57:15.210535, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/spoolss/srv_spoolss_nt.c:567(set_printer_hnd_name)
Setting printer name=\\samba (len=7)
[2014/03/19 16:57:15.210588, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/spoolss/srv_spoolss_nt.c:775(open_printer_hnd)
1 printer handles active
[2014/03/19 16:57:15.210652, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal)
Found policy hnd[0] [0000] 00 00 00 00 1F 00 00 00 00 00 00 00 29 53 5B BE ........ ....)S[.
[0010] 88 60 00 00 .`..
[2014/03/19 16:57:15.210734, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/spoolss/srv_spoolss_nt.c:1838(_spoolss_OpenPrinterEx)
Setting print server access = SERVER_ACCESS_ENUMERATE
[2014/03/19 16:57:15.210790, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug)
spoolss_OpenPrinterEx: struct spoolss_OpenPrinterEx
out: struct spoolss_OpenPrinterEx
handle : *
handle: struct policy_handle
handle_type : 0x00000000 (0)
uuid : 0000001f-0000-0000-2953-5bbe88600000
result : WERR_OK
[2014/03/19 16:57:15.210964, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1384(api_rpcTNP)
api_rpcTNP: called spoolss successfully
[2014/03/19 16:57:15.211025, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/sec_ctx.c:424(pop_sec_ctx)
pop_sec_ctx (100000500, 100000513) - sec_ctx_stack_ndx = 0
[2014/03/19 16:57:15.211156, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:402(ndr_print_debug)
&r: struct ncacn_packet
rpc_vers : 0x05 (5)
rpc_vers_minor : 0x00 (0)
ptype : DCERPC_PKT_RESPONSE (2)
pfc_flags : 0x03 (3)
1: DCERPC_PFC_FLAG_FIRST
1: DCERPC_PFC_FLAG_LAST
0: DCERPC_PFC_FLAG_PENDING_CANCEL_OR_HDR_SIGNING
0: DCERPC_PFC_FLAG_CONC_MPX
0: DCERPC_PFC_FLAG_DID_NOT_EXECUTE
0: DCERPC_PFC_FLAG_MAYBE
0: DCERPC_PFC_FLAG_OBJECT_UUID
drep: ARRAY(4)
[0] : 0x10 (16)
[1] : 0x00 (0)
[2] : 0x00 (0)
[3] : 0x00 (0)
frag_length : 0x0030 (48)
auth_length : 0x0000 (0)
call_id : 0x00000002 (2)
u : union dcerpc_payload(case 2)
response: struct dcerpc_response
alloc_hint : 0x00000018 (24)
context_id : 0x0000 (0)
cancel_count : 0x00 (0)
_pad : DATA_BLOB length=0
stub_and_verifier : DATA_BLOB length=24
[0000] 00 00 00 00 1F 00 00 00 00 00 00 00 29 53 5B BE ........ ....)S[.
[0010] 88 60 00 00 00 00 00 00 .`......
[2014/03/19 16:57:15.211791, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/rpc_server/rpc_server.c:509(named_pipe_packet_process)
Sending 1 fragments in a total of 24 bytes
[2014/03/19 16:57:15.211840, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/rpc_server/rpc_server.c:514(named_pipe_packet_process)
Sending PDU number: 0, PDU Length: 48
[2014/03/19 16:57:15.211937, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1459(smbd_smb2_request_pending_timer)
smbd_smb2_request_pending_queue: opcode[SMB2_OP_IOCTL] mid 62 going async
[2014/03/19 16:57:15.211992, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:893(smb2_set_operation_credit)
smb2_set_operation_credit: requested 1, charge 1, granted 1, current possible/max 482/512, total granted/max/low/range 31/8192/63/31
[2014/03/19 16:57:15.212108, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1554(smbd_smb2_request_pending_timer)
state->vector[0/5].iov_len = 4
state->vector[1/5].iov_len = 0
state->vector[2/5].iov_len = 64
state->vector[3/5].iov_len = 8
state->vector[4/5].iov_len = 1
[2014/03/19 16:57:15.212390, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe_hnd.c:417(np_read_recv)
Received 48 bytes. There is no more data outstanding
[2014/03/19 16:57:15.212473, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl_named_pipe.c:169(smbd_smb2_ioctl_pipe_read_done)
smbd_smb2_ioctl_pipe_read_done: np_read_recv nread = 48 is_data_outstanding = 0, status = NT_STATUS_OK
[2014/03/19 16:57:15.212541, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl.c:291(smbd_smb2_request_ioctl_done)
smbd_smb2_request_ioctl_done: smbd_smb2_ioctl_recv returned 48 status NT_STATUS_OK
[2014/03/19 16:57:15.212590, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:2548(smbd_smb2_request_done_ex)
smbd_smb2_request_done_ex: idx[1] status[NT_STATUS_OK] body[48] dyn[yes:48] at ../source3/smbd/smb2_ioctl.c:358
[2014/03/19 16:57:15.212661, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:893(smb2_set_operation_credit)
smb2_set_operation_credit: requested 1, charge 1, granted 0, current possible/max 481/512, total granted/max/low/range 31/8192/63/31
[2014/03/19 16:57:15.213548, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:3312(smbd_smb2_io_handler)
smbd_smb2_request idx[1] of 5 vectors
[2014/03/19 16:57:15.213630, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:640(smb2_validate_sequence_number)
smb2_validate_sequence_number: clearing id 63 (position 63) from bitmap
[2014/03/19 16:57:15.213680, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1923(smbd_smb2_request_dispatch)
smbd_smb2_request_dispatch: opcode[SMB2_OP_IOCTL] mid = 63
[2014/03/19 16:57:15.213731, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/uid.c:384(change_to_user)
Skipping user change - already user
[2014/03/19 16:57:15.213809, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1825(smbd_smb2_request_verify_creditcharge)
mid 63, CreditCharge: 1, NeededCharge: 1
[2014/03/19 16:57:15.213867, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl.c:394(smbd_smb2_ioctl_send)
smbd_smb2_ioctl: ctl_code[0x0011c017] spoolss, fnum 779041985
[2014/03/19 16:57:15.213938, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl_named_pipe.c:61(smb2_ioctl_named_pipe)
smbd_smb2_ioctl_send: np_write_send of size 88
[2014/03/19 16:57:15.213986, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe_hnd.c:172(np_write_send)
np_write_send: len: 88
smbd_smb2_request_pending_queue: req->current_idx = 1
req->in.vector[0].iov_len = 0
req->in.vector[1].iov_len = 0
req->in.vector[2].iov_len = 64
req->in.vector[3].iov_len = 56
req->in.vector[4].iov_len = 88
req->out.vector[0].iov_len = 4
req->out.vector[1].iov_len = 0
req->out.vector[2].iov_len = 64
req->out.vector[3].iov_len = 8
req->out.vector[4].iov_len = 0
[2014/03/19 16:57:15.214385, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl_named_pipe.c:119(smbd_smb2_ioctl_pipe_write_done)
smbd_smb2_ioctl_pipe_write_done: received 88
[2014/03/19 16:57:15.214419, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl_named_pipe.c:140(smbd_smb2_ioctl_pipe_write_done)
smbd_smb2_ioctl_pipe_write_done: issuing np_read_send of size 1024
[2014/03/19 16:57:15.214526, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/rpc_server/rpc_server.c:441(named_pipe_packet_process)
PDU is in Little Endian format!
[2014/03/19 16:57:15.214581, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1564(process_complete_pdu)
Processing packet type 0
[2014/03/19 16:57:15.214628, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1439(dcesrv_auth_request)
Checking request auth.
[2014/03/19 16:57:15.214698, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/sec_ctx.c:216(push_sec_ctx)
push_sec_ctx(100000500, 100000513) : sec_ctx_stack_ndx = 1
[2014/03/19 16:57:15.214750, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/sec_ctx.c:316(set_sec_ctx)
setting sec ctx (100000500, 100000513) - sec_ctx_stack_ndx = 1
[2014/03/19 16:57:15.214800, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../libcli/security/security_token.c:63(security_token_debug)
Security token SIDs (21):
SID[ 0]: S-1-5-21-2999458101-3634337955-1355572417-500
SID[ 1]: S-1-5-21-2999458101-3634337955-1355572417-513
SID[ 2]: S-1-5-21-2999458101-3634337955-1355572417-520
SID[ 3]: S-1-5-21-2999458101-3634337955-1355572417-512
SID[ 4]: S-1-18-1
SID[ 5]: S-1-1-0
SID[ 6]: S-1-5-2
SID[ 7]: S-1-5-11
SID[ 8]: S-1-5-32-545
SID[ 9]: S-1-5-32-544
SID[ 10]: S-1-22-1-100000500
SID[ 11]: S-1-22-2-100000500
SID[ 12]: S-1-22-2-100000513
SID[ 13]: S-1-22-2-100000520
SID[ 14]: S-1-22-2-100000512
SID[ 15]: S-1-22-2-1000008
SID[ 16]: S-1-22-2-1000002
SID[ 17]: S-1-22-2-1000003
SID[ 18]: S-1-22-2-1000009
SID[ 19]: S-1-22-2-1000001
SID[ 20]: S-1-22-2-1000000
Privileges (0x 1FFFFFF0):
Privilege[ 0]: SeMachineAccountPrivilege
Privilege[ 1]: SeTakeOwnershipPrivilege
Privilege[ 2]: SeBackupPrivilege
Privilege[ 3]: SeRestorePrivilege
Privilege[ 4]: SeRemoteShutdownPrivilege
Privilege[ 5]: SePrintOperatorPrivilege
Privilege[ 6]: SeAddUsersPrivilege
Privilege[ 7]: SeDiskOperatorPrivilege
Privilege[ 8]: SeSecurityPrivilege
Privilege[ 9]: SeSystemtimePrivilege
Privilege[ 10]: SeShutdownPrivilege
Privilege[ 11]: SeDebugPrivilege
Privilege[ 12]: SeSystemEnvironmentPrivilege
Privilege[ 13]: SeSystemProfilePrivilege
Privilege[ 14]: SeProfileSingleProcessPrivilege
Privilege[ 15]: SeIncreaseBasePriorityPrivilege
Privilege[ 16]: SeLoadDriverPrivilege
Privilege[ 17]: SeCreatePagefilePrivilege
Privilege[ 18]: SeIncreaseQuotaPrivilege
Privilege[ 19]: SeChangeNotifyPrivilege
Privilege[ 20]: SeUndockPrivilege
Privilege[ 21]: SeManageVolumePrivilege
Privilege[ 22]: SeImpersonatePrivilege
Privilege[ 23]: SeCreateGlobalPrivilege
Privilege[ 24]: SeEnableDelegationPrivilege
Rights (0x 0):
[2014/03/19 16:57:15.215791, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/auth/token_util.c:528(debug_unix_user_token)
UNIX token of user 100000500
Primary group is 100000513 and contains 10 supplementary groups
Group[ 0]: 100000500
Group[ 1]: 100000513
Group[ 2]: 100000520
Group[ 3]: 100000512
Group[ 4]: 1000008
Group[ 5]: 1000002
Group[ 6]: 1000003
Group[ 7]: 1000009
Group[ 8]: 1000001
Group[ 9]: 1000000
[2014/03/19 16:57:15.216071, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/uid.c:452(smbd_become_authenticated_pipe_user)
Impersonated user: uid=(100000500,100000500), gid=(0,100000513)
[2014/03/19 16:57:15.216133, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1292(api_pipe_request)
Requested spoolss rpc service
[2014/03/19 16:57:15.216185, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1317(api_rpcTNP)
api_rpcTNP: spoolss op 0x1a - api_rpcTNP: rpc command: SPOOLSS_GETPRINTERDATA
[2014/03/19 16:57:15.216237, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1357(api_rpcTNP)
api_rpc_cmds[26].fn == 0x7f5de30310d9
[2014/03/19 16:57:15.216291, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug)
spoolss_GetPrinterData: struct spoolss_GetPrinterData
in: struct spoolss_GetPrinterData
handle : *
handle: struct policy_handle
handle_type : 0x00000000 (0)
uuid : 0000001f-0000-0000-2953-5bbe88600000
value_name : 'Architecture'
offered : 0x00000208 (520)
[2014/03/19 16:57:15.216500, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal)
Found policy hnd[0] [0000] 00 00 00 00 1F 00 00 00 00 00 00 00 29 53 5B BE ........ ....)S[.
[0010] 88 60 00 00 .`..
[2014/03/19 16:57:15.216605, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/spoolss/srv_spoolss_nt.c:9502(_spoolss_GetPrinterDataEx)
_spoolss_GetPrinterDataEx
[2014/03/19 16:57:15.216652, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/spoolss/srv_spoolss_nt.c:9505(_spoolss_GetPrinterDataEx)
_spoolss_GetPrinterDataEx: key => [PrinterDriverData], value => [Architecture]
[2014/03/19 16:57:15.216715, 8, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/spoolss/srv_spoolss_nt.c:2282(getprinterdata_printer_server)
getprinterdata_printer_server:Architecture
[2014/03/19 16:57:15.216774, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug)
spoolss_GetPrinterData: struct spoolss_GetPrinterData
out: struct spoolss_GetPrinterData
type : *
type : REG_SZ (1)
data : *
data: ARRAY(520)
[0] : 0x57 (87)
[1] : 0x00 (0)
[2] : 0x69 (105)
[3] : 0x00 (0)
[4] : 0x6e (110)
[5] : 0x00 (0)
[6] : 0x64 (100)
[7] : 0x00 (0)
[8] : 0x6f (111)
[9] : 0x00 (0)
[10] : 0x77 (119)
[11] : 0x00 (0)
[12] : 0x73 (115)
[13] : 0x00 (0)
[14] : 0x20 (32)
[15] : 0x00 (0)
[16] : 0x4e (78)
[17] : 0x00 (0)
[18] : 0x54 (84)
[19] : 0x00 (0)
[20] : 0x20 (32)
[21] : 0x00 (0)
[22] : 0x78 (120)
[23] : 0x00 (0)
[24] : 0x38 (56)
[25] : 0x00 (0)
[26] : 0x36 (54)
[27] : 0x00 (0)
[28] : 0x00 (0)
[29] : 0x00 (0)
[30] : 0x00 (0)
[31] : 0x00 (0)
[32] : 0x00 (0)
[33] : 0x00 (0)
[34] : 0x00 (0)
[35] : 0x00 (0)
[36] : 0x00 (0)
[37] : 0x00 (0)
[38] : 0x00 (0)
[39] : 0x00 (0)
[40] : 0x00 (0)
[41] : 0x00 (0)
[42] : 0x00 (0)
[43] : 0x00 (0)
[44] : 0x00 (0)
[45] : 0x00 (0)
[46] : 0x00 (0)
[47] : 0x00 (0)
[48] : 0x00 (0)
[49] : 0x00 (0)
[50] : 0x00 (0)
[51] : 0x00 (0)
[52] : 0x00 (0)
[53] : 0x00 (0)
[54] : 0x00 (0)
[55] : 0x00 (0)
[56] : 0x00 (0)
[57] : 0x00 (0)
[58] : 0x00 (0)
[59] : 0x00 (0)
[60] : 0x00 (0)
[61] : 0x00 (0)
[62] : 0x00 (0)
[63] : 0x00 (0)
[64] : 0x00 (0)
[65] : 0x00 (0)
[66] : 0x00 (0)
[67] : 0x00 (0)
[68] : 0x00 (0)
[69] : 0x00 (0)
[70] : 0x00 (0)
[71] : 0x00 (0)
[72] : 0x00 (0)
[73] : 0x00 (0)
[74] : 0x00 (0)
[75] : 0x00 (0)
[76] : 0x00 (0)
[77] : 0x00 (0)
[78] : 0x00 (0)
[79] : 0x00 (0)
[80] : 0x00 (0)
[81] : 0x00 (0)
[82] : 0x00 (0)
[83] : 0x00 (0)
[84] : 0x00 (0)
[85] : 0x00 (0)
[86] : 0x00 (0)
[87] : 0x00 (0)
[88] : 0x00 (0)
[89] : 0x00 (0)
[90] : 0x00 (0)
[91] : 0x00 (0)
[92] : 0x00 (0)
[93] : 0x00 (0)
[94] : 0x00 (0)
[95] : 0x00 (0)
[96] : 0x00 (0)
[97] : 0x00 (0)
[98] : 0x00 (0)
[99] : 0x00 (0)
[100] : 0x00 (0)
[101] : 0x00 (0)
[102] : 0x00 (0)
[103] : 0x00 (0)
[104] : 0x00 (0)
[105] : 0x00 (0)
[106] : 0x00 (0)
[107] : 0x00 (0)
[108] : 0x00 (0)
[109] : 0x00 (0)
[110] : 0x00 (0)
[111] : 0x00 (0)
[112] : 0x00 (0)
[113] : 0x00 (0)
[114] : 0x00 (0)
[115] : 0x00 (0)
[116] : 0x00 (0)
[117] : 0x00 (0)
[118] : 0x00 (0)
[119] : 0x00 (0)
[120] : 0x00 (0)
[121] : 0x00 (0)
[122] : 0x00 (0)
[123] : 0x00 (0)
[124] : 0x00 (0)
[125] : 0x00 (0)
[126] : 0x00 (0)
[127] : 0x00 (0)
[128] : 0x00 (0)
[129] : 0x00 (0)
[130] : 0x00 (0)
[131] : 0x00 (0)
[132] : 0x00 (0)
[133] : 0x00 (0)
[134] : 0x00 (0)
[135] : 0x00 (0)
[136] : 0x00 (0)
[137] : 0x00 (0)
[138] : 0x00 (0)
[139] : 0x00 (0)
[140] : 0x00 (0)
[141] : 0x00 (0)
[142] : 0x00 (0)
[143] : 0x00 (0)
[144] : 0x00 (0)
[145] : 0x00 (0)
[146] : 0x00 (0)
[147] : 0x00 (0)
[148] : 0x00 (0)
[149] : 0x00 (0)
[150] : 0x00 (0)
[151] : 0x00 (0)
[152] : 0x00 (0)
[153] : 0x00 (0)
[154] : 0x00 (0)
[155] : 0x00 (0)
[156] : 0x00 (0)
[157] : 0x00 (0)
[158] : 0x00 (0)
[159] : 0x00 (0)
[160] : 0x00 (0)
[161] : 0x00 (0)
[162] : 0x00 (0)
[163] : 0x00 (0)
[164] : 0x00 (0)
[165] : 0x00 (0)
[166] : 0x00 (0)
[167] : 0x00 (0)
[168] : 0x00 (0)
[169] : 0x00 (0)
[170] : 0x00 (0)
[171] : 0x00 (0)
[172] : 0x00 (0)
[173] : 0x00 (0)
[174] : 0x00 (0)
[175] : 0x00 (0)
[176] : 0x00 (0)
[177] : 0x00 (0)
[178] : 0x00 (0)
[179] : 0x00 (0)
[180] : 0x00 (0)
[181] : 0x00 (0)
[182] : 0x00 (0)
[183] : 0x00 (0)
[184] : 0x00 (0)
[185] : 0x00 (0)
[186] : 0x00 (0)
[187] : 0x00 (0)
[188] : 0x00 (0)
[189] : 0x00 (0)
[190] : 0x00 (0)
[191] : 0x00 (0)
[192] : 0x00 (0)
[193] : 0x00 (0)
[194] : 0x00 (0)
[195] : 0x00 (0)
[196] : 0x00 (0)
[197] : 0x00 (0)
[198] : 0x00 (0)
[199] : 0x00 (0)
[200] : 0x00 (0)
[201] : 0x00 (0)
[202] : 0x00 (0)
[203] : 0x00 (0)
[204] : 0x00 (0)
[205] : 0x00 (0)
[206] : 0x00 (0)
[207] : 0x00 (0)
[208] : 0x00 (0)
[209] : 0x00 (0)
[210] : 0x00 (0)
[211] : 0x00 (0)
[212] : 0x00 (0)
[213] : 0x00 (0)
[214] : 0x00 (0)
[215] : 0x00 (0)
[216] : 0x00 (0)
[217] : 0x00 (0)
[218] : 0x00 (0)
[219] : 0x00 (0)
[220] : 0x00 (0)
[221] : 0x00 (0)
[222] : 0x00 (0)
[223] : 0x00 (0)
[224] : 0x00 (0)
[225] : 0x00 (0)
[226] : 0x00 (0)
[227] : 0x00 (0)
[228] : 0x00 (0)
[229] : 0x00 (0)
[230] : 0x00 (0)
[231] : 0x00 (0)
[232] : 0x00 (0)
[233] : 0x00 (0)
[234] : 0x00 (0)
[235] : 0x00 (0)
[236] : 0x00 (0)
[237] : 0x00 (0)
[238] : 0x00 (0)
[239] : 0x00 (0)
[240] : 0x00 (0)
[241] : 0x00 (0)
[242] : 0x00 (0)
[243] : 0x00 (0)
[244] : 0x00 (0)
[245] : 0x00 (0)
[246] : 0x00 (0)
[247] : 0x00 (0)
[248] : 0x00 (0)
[249] : 0x00 (0)
[250] : 0x00 (0)
[251] : 0x00 (0)
[252] : 0x00 (0)
[253] : 0x00 (0)
[254] : 0x00 (0)
[255] : 0x00 (0)
[256] : 0x00 (0)
[257] : 0x00 (0)
[258] : 0x00 (0)
[259] : 0x00 (0)
[260] : 0x00 (0)
[261] : 0x00 (0)
[262] : 0x00 (0)
[263] : 0x00 (0)
[264] : 0x00 (0)
[265] : 0x00 (0)
[266] : 0x00 (0)
[267] : 0x00 (0)
[268] : 0x00 (0)
[269] : 0x00 (0)
[270] : 0x00 (0)
[271] : 0x00 (0)
[272] : 0x00 (0)
[273] : 0x00 (0)
[274] : 0x00 (0)
[275] : 0x00 (0)
[276] : 0x00 (0)
[277] : 0x00 (0)
[278] : 0x00 (0)
[279] : 0x00 (0)
[280] : 0x00 (0)
[281] : 0x00 (0)
[282] : 0x00 (0)
[283] : 0x00 (0)
[284] : 0x00 (0)
[285] : 0x00 (0)
[286] : 0x00 (0)
[287] : 0x00 (0)
[288] : 0x00 (0)
[289] : 0x00 (0)
[290] : 0x00 (0)
[291] : 0x00 (0)
[292] : 0x00 (0)
[293] : 0x00 (0)
[294] : 0x00 (0)
[295] : 0x00 (0)
[296] : 0x00 (0)
[297] : 0x00 (0)
[298] : 0x00 (0)
[299] : 0x00 (0)
[300] : 0x00 (0)
[301] : 0x00 (0)
[302] : 0x00 (0)
[303] : 0x00 (0)
[304] : 0x00 (0)
[305] : 0x00 (0)
[306] : 0x00 (0)
[307] : 0x00 (0)
[308] : 0x00 (0)
[309] : 0x00 (0)
[310] : 0x00 (0)
[311] : 0x00 (0)
[312] : 0x00 (0)
[313] : 0x00 (0)
[314] : 0x00 (0)
[315] : 0x00 (0)
[316] : 0x00 (0)
[317] : 0x00 (0)
[318] : 0x00 (0)
[319] : 0x00 (0)
[320] : 0x00 (0)
[321] : 0x00 (0)
[322] : 0x00 (0)
[323] : 0x00 (0)
[324] : 0x00 (0)
[325] : 0x00 (0)
[326] : 0x00 (0)
[327] : 0x00 (0)
[328] : 0x00 (0)
[329] : 0x00 (0)
[330] : 0x00 (0)
[331] : 0x00 (0)
[332] : 0x00 (0)
[333] : 0x00 (0)
[334] : 0x00 (0)
[335] : 0x00 (0)
[336] : 0x00 (0)
[337] : 0x00 (0)
[338] : 0x00 (0)
[339] : 0x00 (0)
[340] : 0x00 (0)
[341] : 0x00 (0)
[342] : 0x00 (0)
[343] : 0x00 (0)
[344] : 0x00 (0)
[345] : 0x00 (0)
[346] : 0x00 (0)
[347] : 0x00 (0)
[348] : 0x00 (0)
[349] : 0x00 (0)
[350] : 0x00 (0)
[351] : 0x00 (0)
[352] : 0x00 (0)
[353] : 0x00 (0)
[354] : 0x00 (0)
[355] : 0x00 (0)
[356] : 0x00 (0)
[357] : 0x00 (0)
[358] : 0x00 (0)
[359] : 0x00 (0)
[360] : 0x00 (0)
[361] : 0x00 (0)
[362] : 0x00 (0)
[363] : 0x00 (0)
[364] : 0x00 (0)
[365] : 0x00 (0)
[366] : 0x00 (0)
[367] : 0x00 (0)
[368] : 0x00 (0)
[369] : 0x00 (0)
[370] : 0x00 (0)
[371] : 0x00 (0)
[372] : 0x00 (0)
[373] : 0x00 (0)
[374] : 0x00 (0)
[375] : 0x00 (0)
[376] : 0x00 (0)
[377] : 0x00 (0)
[378] : 0x00 (0)
[379] : 0x00 (0)
[380] : 0x00 (0)
[381] : 0x00 (0)
[382] : 0x00 (0)
[383] : 0x00 (0)
[384] : 0x00 (0)
[385] : 0x00 (0)
[386] : 0x00 (0)
[387] : 0x00 (0)
[388] : 0x00 (0)
[389] : 0x00 (0)
[390] : 0x00 (0)
[391] : 0x00 (0)
[392] : 0x00 (0)
[393] : 0x00 (0)
[394] : 0x00 (0)
[395] : 0x00 (0)
[396] : 0x00 (0)
[397] : 0x00 (0)
[398] : 0x00 (0)
[399] : 0x00 (0)
[400] : 0x00 (0)
[401] : 0x00 (0)
[402] : 0x00 (0)
[403] : 0x00 (0)
[404] : 0x00 (0)
[405] : 0x00 (0)
[406] : 0x00 (0)
[407] : 0x00 (0)
[408] : 0x00 (0)
[409] : 0x00 (0)
[410] : 0x00 (0)
[411] : 0x00 (0)
[412] : 0x00 (0)
[413] : 0x00 (0)
[414] : 0x00 (0)
[415] : 0x00 (0)
[416] : 0x00 (0)
[417] : 0x00 (0)
[418] : 0x00 (0)
[419] : 0x00 (0)
[420] : 0x00 (0)
[421] : 0x00 (0)
[422] : 0x00 (0)
[423] : 0x00 (0)
[424] : 0x00 (0)
[425] : 0x00 (0)
[426] : 0x00 (0)
[427] : 0x00 (0)
[428] : 0x00 (0)
[429] : 0x00 (0)
[430] : 0x00 (0)
[431] : 0x00 (0)
[432] : 0x00 (0)
[433] : 0x00 (0)
[434] : 0x00 (0)
[435] : 0x00 (0)
[436] : 0x00 (0)
[437] : 0x00 (0)
[438] : 0x00 (0)
[439] : 0x00 (0)
[440] : 0x00 (0)
[441] : 0x00 (0)
[442] : 0x00 (0)
[443] : 0x00 (0)
[444] : 0x00 (0)
[445] : 0x00 (0)
[446] : 0x00 (0)
[447] : 0x00 (0)
[448] : 0x00 (0)
[449] : 0x00 (0)
[450] : 0x00 (0)
[451] : 0x00 (0)
[452] : 0x00 (0)
[453] : 0x00 (0)
[454] : 0x00 (0)
[455] : 0x00 (0)
[456] : 0x00 (0)
[457] : 0x00 (0)
[458] : 0x00 (0)
[459] : 0x00 (0)
[460] : 0x00 (0)
[461] : 0x00 (0)
[462] : 0x00 (0)
[463] : 0x00 (0)
[464] : 0x00 (0)
[465] : 0x00 (0)
[466] : 0x00 (0)
[467] : 0x00 (0)
[468] : 0x00 (0)
[469] : 0x00 (0)
[470] : 0x00 (0)
[471] : 0x00 (0)
[472] : 0x00 (0)
[473] : 0x00 (0)
[474] : 0x00 (0)
[475] : 0x00 (0)
[476] : 0x00 (0)
[477] : 0x00 (0)
[478] : 0x00 (0)
[479] : 0x00 (0)
[480] : 0x00 (0)
[481] : 0x00 (0)
[482] : 0x00 (0)
[483] : 0x00 (0)
[484] : 0x00 (0)
[485] : 0x00 (0)
[486] : 0x00 (0)
[487] : 0x00 (0)
[488] : 0x00 (0)
[489] : 0x00 (0)
[490] : 0x00 (0)
[491] : 0x00 (0)
[492] : 0x00 (0)
[493] : 0x00 (0)
[494] : 0x00 (0)
[495] : 0x00 (0)
[496] : 0x00 (0)
[497] : 0x00 (0)
[498] : 0x00 (0)
[499] : 0x00 (0)
[500] : 0x00 (0)
[501] : 0x00 (0)
[502] : 0x00 (0)
[503] : 0x00 (0)
[504] : 0x00 (0)
[505] : 0x00 (0)
[506] : 0x00 (0)
[507] : 0x00 (0)
[508] : 0x00 (0)
[509] : 0x00 (0)
[510] : 0x00 (0)
[511] : 0x00 (0)
[512] : 0x00 (0)
[513] : 0x00 (0)
[514] : 0x00 (0)
[515] : 0x00 (0)
[516] : 0x00 (0)
[517] : 0x00 (0)
[518] : 0x00 (0)
[519] : 0x00 (0)
needed : *
needed : 0x0000001e (30)
result : WERR_OK
[2014/03/19 16:57:15.224112, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1384(api_rpcTNP)
api_rpcTNP: called spoolss successfully
[2014/03/19 16:57:15.224161, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/sec_ctx.c:424(pop_sec_ctx)
pop_sec_ctx (100000500, 100000513) - sec_ctx_stack_ndx = 0
[2014/03/19 16:57:15.224206, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:402(ndr_print_debug)
&r: struct ncacn_packet
rpc_vers : 0x05 (5)
rpc_vers_minor : 0x00 (0)
ptype : DCERPC_PKT_RESPONSE (2)
pfc_flags : 0x03 (3)
1: DCERPC_PFC_FLAG_FIRST
1: DCERPC_PFC_FLAG_LAST
0: DCERPC_PFC_FLAG_PENDING_CANCEL_OR_HDR_SIGNING
0: DCERPC_PFC_FLAG_CONC_MPX
0: DCERPC_PFC_FLAG_DID_NOT_EXECUTE
0: DCERPC_PFC_FLAG_MAYBE
0: DCERPC_PFC_FLAG_OBJECT_UUID
drep: ARRAY(4)
[0] : 0x10 (16)
[1] : 0x00 (0)
[2] : 0x00 (0)
[3] : 0x00 (0)
frag_length : 0x0230 (560)
auth_length : 0x0000 (0)
call_id : 0x00000003 (3)
u : union dcerpc_payload(case 2)
response: struct dcerpc_response
alloc_hint : 0x00000218 (536)
context_id : 0x0000 (0)
cancel_count : 0x00 (0)
_pad : DATA_BLOB length=0
stub_and_verifier : DATA_BLOB length=536
[0000] 01 00 00 00 08 02 00 00 57 00 69 00 6E 00 64 00 ........ W.i.n.d.
[0010] 6F 00 77 00 73 00 20 00 4E 00 54 00 20 00 78 00 o.w.s. . N.T. .x.
[0020] 38 00 36 00 00 00 00 00 00 00 00 00 00 00 00 00 8.6..... ........
[0030] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0040] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0050] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0060] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0070] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0080] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0090] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[00A0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[00B0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[00C0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[00D0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[00E0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[00F0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0100] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0110] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0120] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0130] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0140] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0150] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0160] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0170] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0180] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0190] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[01A0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[01B0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[01C0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[01D0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[01E0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[01F0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0200] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0210] 1E 00 00 00 00 00 00 00 ........
[2014/03/19 16:57:15.225170, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/rpc_server/rpc_server.c:509(named_pipe_packet_process)
Sending 1 fragments in a total of 536 bytes
[2014/03/19 16:57:15.225200, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/rpc_server/rpc_server.c:514(named_pipe_packet_process)
Sending PDU number: 0, PDU Length: 560
[2014/03/19 16:57:15.225249, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1459(smbd_smb2_request_pending_timer)
smbd_smb2_request_pending_queue: opcode[SMB2_OP_IOCTL] mid 63 going async
[2014/03/19 16:57:15.225282, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:893(smb2_set_operation_credit)
smb2_set_operation_credit: requested 1, charge 1, granted 1, current possible/max 482/512, total granted/max/low/range 31/8192/64/31
[2014/03/19 16:57:15.225328, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1554(smbd_smb2_request_pending_timer)
state->vector[0/5].iov_len = 4
state->vector[1/5].iov_len = 0
state->vector[2/5].iov_len = 64
state->vector[3/5].iov_len = 8
state->vector[4/5].iov_len = 1
[2014/03/19 16:57:15.225488, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe_hnd.c:417(np_read_recv)
Received 560 bytes. There is no more data outstanding
[2014/03/19 16:57:15.225523, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl_named_pipe.c:169(smbd_smb2_ioctl_pipe_read_done)
smbd_smb2_ioctl_pipe_read_done: np_read_recv nread = 560 is_data_outstanding = 0, status = NT_STATUS_OK
[2014/03/19 16:57:15.225554, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl.c:291(smbd_smb2_request_ioctl_done)
smbd_smb2_request_ioctl_done: smbd_smb2_ioctl_recv returned 560 status NT_STATUS_OK
[2014/03/19 16:57:15.225584, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:2548(smbd_smb2_request_done_ex)
smbd_smb2_request_done_ex: idx[1] status[NT_STATUS_OK] body[48] dyn[yes:560] at ../source3/smbd/smb2_ioctl.c:358
[2014/03/19 16:57:15.225614, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:893(smb2_set_operation_credit)
smb2_set_operation_credit: requested 1, charge 1, granted 0, current possible/max 481/512, total granted/max/low/range 31/8192/64/31
[2014/03/19 16:57:15.225936, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:3312(smbd_smb2_io_handler)
smbd_smb2_request idx[1] of 5 vectors
[2014/03/19 16:57:15.225981, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:640(smb2_validate_sequence_number)
smb2_validate_sequence_number: clearing id 64 (position 64) from bitmap
[2014/03/19 16:57:15.226057, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1923(smbd_smb2_request_dispatch)
smbd_smb2_request_dispatch: opcode[SMB2_OP_IOCTL] mid = 64
[2014/03/19 16:57:15.226090, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/uid.c:384(change_to_user)
Skipping user change - already user
[2014/03/19 16:57:15.226133, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1825(smbd_smb2_request_verify_creditcharge)
mid 64, CreditCharge: 1, NeededCharge: 1
[2014/03/19 16:57:15.226163, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl.c:394(smbd_smb2_ioctl_send)
smbd_smb2_ioctl: ctl_code[0x0011c017] spoolss, fnum 779041985
[2014/03/19 16:57:15.226194, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl_named_pipe.c:61(smb2_ioctl_named_pipe)
smbd_smb2_ioctl_send: np_write_send of size 88
[2014/03/19 16:57:15.226222, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe_hnd.c:172(np_write_send)
np_write_send: len: 88
smbd_smb2_request_pending_queue: req->current_idx = 1
req->in.vector[0].iov_len = 0
req->in.vector[1].iov_len = 0
req->in.vector[2].iov_len = 64
req->in.vector[3].iov_len = 56
req->in.vector[4].iov_len = 88
req->out.vector[0].iov_len = 4
req->out.vector[1].iov_len = 0
req->out.vector[2].iov_len = 64
req->out.vector[3].iov_len = 8
req->out.vector[4].iov_len = 0
[2014/03/19 16:57:15.226380, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl_named_pipe.c:119(smbd_smb2_ioctl_pipe_write_done)
smbd_smb2_ioctl_pipe_write_done: received 88
[2014/03/19 16:57:15.226429, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl_named_pipe.c:140(smbd_smb2_ioctl_pipe_write_done)
smbd_smb2_ioctl_pipe_write_done: issuing np_read_send of size 1024
[2014/03/19 16:57:15.226495, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/rpc_server/rpc_server.c:441(named_pipe_packet_process)
PDU is in Little Endian format!
[2014/03/19 16:57:15.226528, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1564(process_complete_pdu)
Processing packet type 0
[2014/03/19 16:57:15.226558, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1439(dcesrv_auth_request)
Checking request auth.
[2014/03/19 16:57:15.226602, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/sec_ctx.c:216(push_sec_ctx)
push_sec_ctx(100000500, 100000513) : sec_ctx_stack_ndx = 1
[2014/03/19 16:57:15.226634, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/sec_ctx.c:316(set_sec_ctx)
setting sec ctx (100000500, 100000513) - sec_ctx_stack_ndx = 1
[2014/03/19 16:57:15.226663, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../libcli/security/security_token.c:63(security_token_debug)
Security token SIDs (21):
SID[ 0]: S-1-5-21-2999458101-3634337955-1355572417-500
SID[ 1]: S-1-5-21-2999458101-3634337955-1355572417-513
SID[ 2]: S-1-5-21-2999458101-3634337955-1355572417-520
SID[ 3]: S-1-5-21-2999458101-3634337955-1355572417-512
SID[ 4]: S-1-18-1
SID[ 5]: S-1-1-0
SID[ 6]: S-1-5-2
SID[ 7]: S-1-5-11
SID[ 8]: S-1-5-32-545
SID[ 9]: S-1-5-32-544
SID[ 10]: S-1-22-1-100000500
SID[ 11]: S-1-22-2-100000500
SID[ 12]: S-1-22-2-100000513
SID[ 13]: S-1-22-2-100000520
SID[ 14]: S-1-22-2-100000512
SID[ 15]: S-1-22-2-1000008
SID[ 16]: S-1-22-2-1000002
SID[ 17]: S-1-22-2-1000003
SID[ 18]: S-1-22-2-1000009
SID[ 19]: S-1-22-2-1000001
SID[ 20]: S-1-22-2-1000000
Privileges (0x 1FFFFFF0):
Privilege[ 0]: SeMachineAccountPrivilege
Privilege[ 1]: SeTakeOwnershipPrivilege
Privilege[ 2]: SeBackupPrivilege
Privilege[ 3]: SeRestorePrivilege
Privilege[ 4]: SeRemoteShutdownPrivilege
Privilege[ 5]: SePrintOperatorPrivilege
Privilege[ 6]: SeAddUsersPrivilege
Privilege[ 7]: SeDiskOperatorPrivilege
Privilege[ 8]: SeSecurityPrivilege
Privilege[ 9]: SeSystemtimePrivilege
Privilege[ 10]: SeShutdownPrivilege
Privilege[ 11]: SeDebugPrivilege
Privilege[ 12]: SeSystemEnvironmentPrivilege
Privilege[ 13]: SeSystemProfilePrivilege
Privilege[ 14]: SeProfileSingleProcessPrivilege
Privilege[ 15]: SeIncreaseBasePriorityPrivilege
Privilege[ 16]: SeLoadDriverPrivilege
Privilege[ 17]: SeCreatePagefilePrivilege
Privilege[ 18]: SeIncreaseQuotaPrivilege
Privilege[ 19]: SeChangeNotifyPrivilege
Privilege[ 20]: SeUndockPrivilege
Privilege[ 21]: SeManageVolumePrivilege
Privilege[ 22]: SeImpersonatePrivilege
Privilege[ 23]: SeCreateGlobalPrivilege
Privilege[ 24]: SeEnableDelegationPrivilege
Rights (0x 0):
[2014/03/19 16:57:15.227184, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/auth/token_util.c:528(debug_unix_user_token)
UNIX token of user 100000500
Primary group is 100000513 and contains 10 supplementary groups
Group[ 0]: 100000500
Group[ 1]: 100000513
Group[ 2]: 100000520
Group[ 3]: 100000512
Group[ 4]: 1000008
Group[ 5]: 1000002
Group[ 6]: 1000003
Group[ 7]: 1000009
Group[ 8]: 1000001
Group[ 9]: 1000000
[2014/03/19 16:57:15.227347, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/uid.c:452(smbd_become_authenticated_pipe_user)
Impersonated user: uid=(100000500,100000500), gid=(0,100000513)
[2014/03/19 16:57:15.227380, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1292(api_pipe_request)
Requested spoolss rpc service
[2014/03/19 16:57:15.227415, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1317(api_rpcTNP)
api_rpcTNP: spoolss op 0x1a - api_rpcTNP: rpc command: SPOOLSS_GETPRINTERDATA
[2014/03/19 16:57:15.227447, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1357(api_rpcTNP)
api_rpc_cmds[26].fn == 0x7f5de30310d9
[2014/03/19 16:57:15.227492, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug)
spoolss_GetPrinterData: struct spoolss_GetPrinterData
in: struct spoolss_GetPrinterData
handle : *
handle: struct policy_handle
handle_type : 0x00000000 (0)
uuid : 0000001f-0000-0000-2953-5bbe88600000
value_name : 'MajorVersion'
offered : 0x00000004 (4)
[2014/03/19 16:57:15.227596, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal)
Found policy hnd[0] [0000] 00 00 00 00 1F 00 00 00 00 00 00 00 29 53 5B BE ........ ....)S[.
[0010] 88 60 00 00 .`..
[2014/03/19 16:57:15.227669, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/spoolss/srv_spoolss_nt.c:9502(_spoolss_GetPrinterDataEx)
_spoolss_GetPrinterDataEx
[2014/03/19 16:57:15.227697, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/spoolss/srv_spoolss_nt.c:9505(_spoolss_GetPrinterDataEx)
_spoolss_GetPrinterDataEx: key => [PrinterDriverData], value => [MajorVersion]
[2014/03/19 16:57:15.227725, 8, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/spoolss/srv_spoolss_nt.c:2282(getprinterdata_printer_server)
getprinterdata_printer_server:MajorVersion
[2014/03/19 16:57:15.227758, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug)
spoolss_GetPrinterData: struct spoolss_GetPrinterData
out: struct spoolss_GetPrinterData
type : *
type : REG_DWORD (4)
data : *
data: ARRAY(4)
[0] : 0x03 (3)
[1] : 0x00 (0)
[2] : 0x00 (0)
[3] : 0x00 (0)
needed : *
needed : 0x00000004 (4)
result : WERR_OK
[2014/03/19 16:57:15.227920, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1384(api_rpcTNP)
api_rpcTNP: called spoolss successfully
[2014/03/19 16:57:15.227968, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/sec_ctx.c:424(pop_sec_ctx)
pop_sec_ctx (100000500, 100000513) - sec_ctx_stack_ndx = 0
[2014/03/19 16:57:15.228036, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:402(ndr_print_debug)
&r: struct ncacn_packet
rpc_vers : 0x05 (5)
rpc_vers_minor : 0x00 (0)
ptype : DCERPC_PKT_RESPONSE (2)
pfc_flags : 0x03 (3)
1: DCERPC_PFC_FLAG_FIRST
1: DCERPC_PFC_FLAG_LAST
0: DCERPC_PFC_FLAG_PENDING_CANCEL_OR_HDR_SIGNING
0: DCERPC_PFC_FLAG_CONC_MPX
0: DCERPC_PFC_FLAG_DID_NOT_EXECUTE
0: DCERPC_PFC_FLAG_MAYBE
0: DCERPC_PFC_FLAG_OBJECT_UUID
drep: ARRAY(4)
[0] : 0x10 (16)
[1] : 0x00 (0)
[2] : 0x00 (0)
[3] : 0x00 (0)
frag_length : 0x002c (44)
auth_length : 0x0000 (0)
call_id : 0x00000004 (4)
u : union dcerpc_payload(case 2)
response: struct dcerpc_response
alloc_hint : 0x00000014 (20)
context_id : 0x0000 (0)
cancel_count : 0x00 (0)
_pad : DATA_BLOB length=0
stub_and_verifier : DATA_BLOB length=20
[0000] 04 00 00 00 04 00 00 00 03 00 00 00 04 00 00 00 ........ ........
[0010] 00 00 00 00 ....
[2014/03/19 16:57:15.228388, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/rpc_server/rpc_server.c:509(named_pipe_packet_process)
Sending 1 fragments in a total of 20 bytes
[2014/03/19 16:57:15.228428, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/rpc_server/rpc_server.c:514(named_pipe_packet_process)
Sending PDU number: 0, PDU Length: 44
[2014/03/19 16:57:15.228477, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1459(smbd_smb2_request_pending_timer)
smbd_smb2_request_pending_queue: opcode[SMB2_OP_IOCTL] mid 64 going async
[2014/03/19 16:57:15.228510, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:893(smb2_set_operation_credit)
smb2_set_operation_credit: requested 1, charge 1, granted 1, current possible/max 482/512, total granted/max/low/range 31/8192/65/31
[2014/03/19 16:57:15.228539, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1554(smbd_smb2_request_pending_timer)
state->vector[0/5].iov_len = 4
state->vector[1/5].iov_len = 0
state->vector[2/5].iov_len = 64
state->vector[3/5].iov_len = 8
state->vector[4/5].iov_len = 1
[2014/03/19 16:57:15.228720, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe_hnd.c:417(np_read_recv)
Received 44 bytes. There is no more data outstanding
[2014/03/19 16:57:15.228765, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl_named_pipe.c:169(smbd_smb2_ioctl_pipe_read_done)
smbd_smb2_ioctl_pipe_read_done: np_read_recv nread = 44 is_data_outstanding = 0, status = NT_STATUS_OK
[2014/03/19 16:57:15.228796, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl.c:291(smbd_smb2_request_ioctl_done)
smbd_smb2_request_ioctl_done: smbd_smb2_ioctl_recv returned 44 status NT_STATUS_OK
[2014/03/19 16:57:15.228826, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:2548(smbd_smb2_request_done_ex)
smbd_smb2_request_done_ex: idx[1] status[NT_STATUS_OK] body[48] dyn[yes:44] at ../source3/smbd/smb2_ioctl.c:358
[2014/03/19 16:57:15.228856, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:893(smb2_set_operation_credit)
smb2_set_operation_credit: requested 1, charge 1, granted 0, current possible/max 481/512, total granted/max/low/range 31/8192/65/31
[2014/03/19 16:57:15.240134, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:3312(smbd_smb2_io_handler)
smbd_smb2_request idx[1] of 5 vectors
[2014/03/19 16:57:15.240203, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:640(smb2_validate_sequence_number)
smb2_validate_sequence_number: clearing id 65 (position 65) from bitmap
[2014/03/19 16:57:15.240233, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1923(smbd_smb2_request_dispatch)
smbd_smb2_request_dispatch: opcode[SMB2_OP_IOCTL] mid = 65
[2014/03/19 16:57:15.240275, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/uid.c:384(change_to_user)
Skipping user change - already user
[2014/03/19 16:57:15.240307, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1825(smbd_smb2_request_verify_creditcharge)
mid 65, CreditCharge: 1, NeededCharge: 1
[2014/03/19 16:57:15.240348, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl.c:394(smbd_smb2_ioctl_send)
smbd_smb2_ioctl: ctl_code[0x0011c017] spoolss, fnum 779041985
[2014/03/19 16:57:15.240379, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl_named_pipe.c:61(smb2_ioctl_named_pipe)
smbd_smb2_ioctl_send: np_write_send of size 44
[2014/03/19 16:57:15.240405, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe_hnd.c:172(np_write_send)
np_write_send: len: 44
smbd_smb2_request_pending_queue: req->current_idx = 1
req->in.vector[0].iov_len = 0
req->in.vector[1].iov_len = 0
req->in.vector[2].iov_len = 64
req->in.vector[3].iov_len = 56
req->in.vector[4].iov_len = 44
req->out.vector[0].iov_len = 4
req->out.vector[1].iov_len = 0
req->out.vector[2].iov_len = 64
req->out.vector[3].iov_len = 8
req->out.vector[4].iov_len = 0
[2014/03/19 16:57:15.240571, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl_named_pipe.c:119(smbd_smb2_ioctl_pipe_write_done)
smbd_smb2_ioctl_pipe_write_done: received 44
[2014/03/19 16:57:15.240627, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl_named_pipe.c:140(smbd_smb2_ioctl_pipe_write_done)
smbd_smb2_ioctl_pipe_write_done: issuing np_read_send of size 1024
[2014/03/19 16:57:15.240698, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/rpc_server/rpc_server.c:441(named_pipe_packet_process)
PDU is in Little Endian format!
[2014/03/19 16:57:15.240732, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1564(process_complete_pdu)
Processing packet type 0
[2014/03/19 16:57:15.240772, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1439(dcesrv_auth_request)
Checking request auth.
[2014/03/19 16:57:15.240805, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/sec_ctx.c:216(push_sec_ctx)
push_sec_ctx(100000500, 100000513) : sec_ctx_stack_ndx = 1
[2014/03/19 16:57:15.240838, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/sec_ctx.c:316(set_sec_ctx)
setting sec ctx (100000500, 100000513) - sec_ctx_stack_ndx = 1
[2014/03/19 16:57:15.240868, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../libcli/security/security_token.c:63(security_token_debug)
Security token SIDs (21):
SID[ 0]: S-1-5-21-2999458101-3634337955-1355572417-500
SID[ 1]: S-1-5-21-2999458101-3634337955-1355572417-513
SID[ 2]: S-1-5-21-2999458101-3634337955-1355572417-520
SID[ 3]: S-1-5-21-2999458101-3634337955-1355572417-512
SID[ 4]: S-1-18-1
SID[ 5]: S-1-1-0
SID[ 6]: S-1-5-2
SID[ 7]: S-1-5-11
SID[ 8]: S-1-5-32-545
SID[ 9]: S-1-5-32-544
SID[ 10]: S-1-22-1-100000500
SID[ 11]: S-1-22-2-100000500
SID[ 12]: S-1-22-2-100000513
SID[ 13]: S-1-22-2-100000520
SID[ 14]: S-1-22-2-100000512
SID[ 15]: S-1-22-2-1000008
SID[ 16]: S-1-22-2-1000002
SID[ 17]: S-1-22-2-1000003
SID[ 18]: S-1-22-2-1000009
SID[ 19]: S-1-22-2-1000001
SID[ 20]: S-1-22-2-1000000
Privileges (0x 1FFFFFF0):
Privilege[ 0]: SeMachineAccountPrivilege
Privilege[ 1]: SeTakeOwnershipPrivilege
Privilege[ 2]: SeBackupPrivilege
Privilege[ 3]: SeRestorePrivilege
Privilege[ 4]: SeRemoteShutdownPrivilege
Privilege[ 5]: SePrintOperatorPrivilege
Privilege[ 6]: SeAddUsersPrivilege
Privilege[ 7]: SeDiskOperatorPrivilege
Privilege[ 8]: SeSecurityPrivilege
Privilege[ 9]: SeSystemtimePrivilege
Privilege[ 10]: SeShutdownPrivilege
Privilege[ 11]: SeDebugPrivilege
Privilege[ 12]: SeSystemEnvironmentPrivilege
Privilege[ 13]: SeSystemProfilePrivilege
Privilege[ 14]: SeProfileSingleProcessPrivilege
Privilege[ 15]: SeIncreaseBasePriorityPrivilege
Privilege[ 16]: SeLoadDriverPrivilege
Privilege[ 17]: SeCreatePagefilePrivilege
Privilege[ 18]: SeIncreaseQuotaPrivilege
Privilege[ 19]: SeChangeNotifyPrivilege
Privilege[ 20]: SeUndockPrivilege
Privilege[ 21]: SeManageVolumePrivilege
Privilege[ 22]: SeImpersonatePrivilege
Privilege[ 23]: SeCreateGlobalPrivilege
Privilege[ 24]: SeEnableDelegationPrivilege
Rights (0x 0):
[2014/03/19 16:57:15.242681, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/auth/token_util.c:528(debug_unix_user_token)
UNIX token of user 100000500
Primary group is 100000513 and contains 10 supplementary groups
Group[ 0]: 100000500
Group[ 1]: 100000513
Group[ 2]: 100000520
Group[ 3]: 100000512
Group[ 4]: 1000008
Group[ 5]: 1000002
Group[ 6]: 1000003
Group[ 7]: 1000009
Group[ 8]: 1000001
Group[ 9]: 1000000
[2014/03/19 16:57:15.243347, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/uid.c:452(smbd_become_authenticated_pipe_user)
Impersonated user: uid=(100000500,100000500), gid=(0,100000513)
[2014/03/19 16:57:15.243476, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1292(api_pipe_request)
Requested spoolss rpc service
[2014/03/19 16:57:15.243601, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1317(api_rpcTNP)
api_rpcTNP: spoolss op 0x1d - api_rpcTNP: rpc command: SPOOLSS_CLOSEPRINTER
[2014/03/19 16:57:15.243722, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1357(api_rpcTNP)
api_rpc_cmds[29].fn == 0x7f5de30319b4
[2014/03/19 16:57:15.243818, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug)
spoolss_ClosePrinter: struct spoolss_ClosePrinter
in: struct spoolss_ClosePrinter
handle : *
handle: struct policy_handle
handle_type : 0x00000000 (0)
uuid : 0000001f-0000-0000-2953-5bbe88600000
[2014/03/19 16:57:15.244456, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal)
Found policy hnd[0] [0000] 00 00 00 00 1F 00 00 00 00 00 00 00 29 53 5B BE ........ ....)S[.
[0010] 88 60 00 00 .`..
[2014/03/19 16:57:15.244643, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal)
Found policy hnd[0] [0000] 00 00 00 00 1F 00 00 00 00 00 00 00 29 53 5B BE ........ ....)S[.
[0010] 88 60 00 00 .`..
[2014/03/19 16:57:15.244826, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal)
Found policy hnd[0] [0000] 00 00 00 00 1F 00 00 00 00 00 00 00 29 53 5B BE ........ ....)S[.
[0010] 88 60 00 00 .`..
[2014/03/19 16:57:15.244963, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:388(close_policy_hnd)
Closed policy
[2014/03/19 16:57:15.244993, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug)
spoolss_ClosePrinter: struct spoolss_ClosePrinter
out: struct spoolss_ClosePrinter
handle : *
handle: struct policy_handle
handle_type : 0x00000000 (0)
uuid : 00000000-0000-0000-0000-000000000000
result : WERR_OK
[2014/03/19 16:57:15.245250, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1384(api_rpcTNP)
api_rpcTNP: called spoolss successfully
[2014/03/19 16:57:15.245341, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/sec_ctx.c:424(pop_sec_ctx)
pop_sec_ctx (100000500, 100000513) - sec_ctx_stack_ndx = 0
[2014/03/19 16:57:15.245391, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:402(ndr_print_debug)
&r: struct ncacn_packet
rpc_vers : 0x05 (5)
rpc_vers_minor : 0x00 (0)
ptype : DCERPC_PKT_RESPONSE (2)
pfc_flags : 0x03 (3)
1: DCERPC_PFC_FLAG_FIRST
1: DCERPC_PFC_FLAG_LAST
0: DCERPC_PFC_FLAG_PENDING_CANCEL_OR_HDR_SIGNING
0: DCERPC_PFC_FLAG_CONC_MPX
0: DCERPC_PFC_FLAG_DID_NOT_EXECUTE
0: DCERPC_PFC_FLAG_MAYBE
0: DCERPC_PFC_FLAG_OBJECT_UUID
drep: ARRAY(4)
[0] : 0x10 (16)
[1] : 0x00 (0)
[2] : 0x00 (0)
[3] : 0x00 (0)
frag_length : 0x0030 (48)
auth_length : 0x0000 (0)
call_id : 0x00000005 (5)
u : union dcerpc_payload(case 2)
response: struct dcerpc_response
alloc_hint : 0x00000018 (24)
context_id : 0x0000 (0)
cancel_count : 0x00 (0)
_pad : DATA_BLOB length=0
stub_and_verifier : DATA_BLOB length=24
[0000] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[0010] 00 00 00 00 00 00 00 00 ........
[2014/03/19 16:57:15.246457, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/rpc_server/rpc_server.c:509(named_pipe_packet_process)
Sending 1 fragments in a total of 24 bytes
[2014/03/19 16:57:15.246580, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/rpc_server/rpc_server.c:514(named_pipe_packet_process)
Sending PDU number: 0, PDU Length: 48
[2014/03/19 16:57:15.246806, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1459(smbd_smb2_request_pending_timer)
smbd_smb2_request_pending_queue: opcode[SMB2_OP_IOCTL] mid 65 going async
[2014/03/19 16:57:15.247145, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:893(smb2_set_operation_credit)
smb2_set_operation_credit: requested 1, charge 1, granted 1, current possible/max 482/512, total granted/max/low/range 31/8192/66/31
[2014/03/19 16:57:15.247318, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1554(smbd_smb2_request_pending_timer)
state->vector[0/5].iov_len = 4
state->vector[1/5].iov_len = 0
state->vector[2/5].iov_len = 64
state->vector[3/5].iov_len = 8
state->vector[4/5].iov_len = 1
[2014/03/19 16:57:15.247868, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe_hnd.c:417(np_read_recv)
Received 48 bytes. There is no more data outstanding
[2014/03/19 16:57:15.247915, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl_named_pipe.c:169(smbd_smb2_ioctl_pipe_read_done)
smbd_smb2_ioctl_pipe_read_done: np_read_recv nread = 48 is_data_outstanding = 0, status = NT_STATUS_OK
[2014/03/19 16:57:15.247953, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_ioctl.c:291(smbd_smb2_request_ioctl_done)
smbd_smb2_request_ioctl_done: smbd_smb2_ioctl_recv returned 48 status NT_STATUS_OK
[2014/03/19 16:57:15.247994, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:2548(smbd_smb2_request_done_ex)
smbd_smb2_request_done_ex: idx[1] status[NT_STATUS_OK] body[48] dyn[yes:48] at ../source3/smbd/smb2_ioctl.c:358
[2014/03/19 16:57:15.248099, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:893(smb2_set_operation_credit)
smb2_set_operation_credit: requested 1, charge 1, granted 0, current possible/max 481/512, total granted/max/low/range 31/8192/66/31
[2014/03/19 16:57:15.248592, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:3312(smbd_smb2_io_handler)
smbd_smb2_request idx[1] of 5 vectors
[2014/03/19 16:57:15.248628, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:640(smb2_validate_sequence_number)
smb2_validate_sequence_number: clearing id 66 (position 66) from bitmap
[2014/03/19 16:57:15.248659, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1923(smbd_smb2_request_dispatch)
smbd_smb2_request_dispatch: opcode[SMB2_OP_CLOSE] mid = 66
[2014/03/19 16:57:15.248701, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/uid.c:384(change_to_user)
Skipping user change - already user
[2014/03/19 16:57:15.248734, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_close.c:185(smbd_smb2_close)
smbd_smb2_close: spoolss - fnum 779041985
[2014/03/19 16:57:15.248781, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap.c:178(dbwrap_check_lock_order)
check lock order 1 for /var/lib/samba/smbXsrv_open_global.tdb
[2014/03/19 16:57:15.248876, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order)
lock order: 1:/var/lib/samba/smbXsrv_open_global.tdb 2:<none> 3:<none>
[2014/03/19 16:57:15.248946, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key)
Locking key 30072C75
[2014/03/19 16:57:15.248983, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap_tdb.c:143(db_tdb_fetch_locked_internal)
Allocated locked data 0x0x7f5de586da50
[2014/03/19 16:57:15.249125, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key)
Unlocking key 30072C75
[2014/03/19 16:57:15.249158, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap.c:146(dbwrap_lock_order_state_destructor)
release lock order 1 for /var/lib/samba/smbXsrv_open_global.tdb
[2014/03/19 16:57:15.249191, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order)
lock order: 1:<none> 2:<none> 3:<none>
[2014/03/19 16:57:15.249250, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:418(close_policy_by_pipe)
Deleted handle list for RPC connection spoolss
[2014/03/19 16:57:15.249302, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/files.c:524(file_free)
freed files structure 779041985 (0 used)
[2014/03/19 16:57:15.249337, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:2548(smbd_smb2_request_done_ex)
smbd_smb2_request_done_ex: idx[1] status[NT_STATUS_OK] body[60] dyn[no:0] at ../source3/smbd/smb2_close.c:139
[2014/03/19 16:57:15.249374, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:893(smb2_set_operation_credit)
smb2_set_operation_credit: requested 1, charge 1, granted 1, current possible/max 482/512, total granted/max/low/range 31/8192/67/31
[2014/03/19 16:57:17.751809, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:3312(smbd_smb2_io_handler)
smbd_smb2_request idx[1] of 5 vectors
[2014/03/19 16:57:17.751943, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:640(smb2_validate_sequence_number)
smb2_validate_sequence_number: clearing id 67 (position 67) from bitmap
[2014/03/19 16:57:17.751990, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1923(smbd_smb2_request_dispatch)
smbd_smb2_request_dispatch: opcode[SMB2_OP_CREATE] mid = 67
[2014/03/19 16:57:17.752072, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/uid.c:384(change_to_user)
Skipping user change - already user
[2014/03/19 16:57:17.752142, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_create.c:447(smbd_smb2_create_send)
smbd_smb2_create: name[spoolss]
[2014/03/19 16:57:17.752202, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap.c:178(dbwrap_check_lock_order)
check lock order 1 for /var/lib/samba/smbXsrv_open_global.tdb
[2014/03/19 16:57:17.752244, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order)
lock order: 1:/var/lib/samba/smbXsrv_open_global.tdb 2:<none> 3:<none>
[2014/03/19 16:57:17.752289, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key)
Locking key DE020EA0
[2014/03/19 16:57:17.752344, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap_tdb.c:143(db_tdb_fetch_locked_internal)
Allocated locked data 0x0x7f5de586c220
[2014/03/19 16:57:17.752426, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smbXsrv_open.c:698(smbXsrv_open_global_store)
smbXsrv_open_global_store: key 'DE020EA0' stored
[2014/03/19 16:57:17.752473, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:402(ndr_print_debug)
&global_blob: struct smbXsrv_open_globalB
version : SMBXSRV_VERSION_0 (0)
seqnum : 0x00000001 (1)
info : union smbXsrv_open_globalU(case 0)
info0 : *
info0: struct smbXsrv_open_global0
db_rec : *
server_id: struct server_id
pid : 0x0000000000006088 (24712)
task_id : 0x00000000 (0)
vnn : 0xffffffff (4294967295)
unique_id : 0xbaf687627b33e8dd (-4974639881340589859)
open_global_id : 0xde020ea0 (3724676768)
open_persistent_id : 0x00000000de020ea0 (3724676768)
open_volatile_id : 0x0000000090f2f07d (2431840381)
open_owner : S-1-5-21-2999458101-3634337955-1355572417-500
open_time : Wed Mar 19 04:57:18 PM 2014 CET
create_guid : 00000000-0000-0000-0000-000000000000
client_guid : fb516d75-adcf-11e3-a4ab-0800274a4c7e
app_instance_id : 00000000-0000-0000-0000-000000000000
disconnect_time : NTTIME(0)
durable_timeout_msec : 0x00000000 (0)
durable : 0x00 (0)
backend_cookie : DATA_BLOB length=0
[2014/03/19 16:57:17.752931, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key)
Unlocking key DE020EA0
[2014/03/19 16:57:17.752993, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap.c:146(dbwrap_lock_order_state_destructor)
release lock order 1 for /var/lib/samba/smbXsrv_open_global.tdb
[2014/03/19 16:57:17.753054, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order)
lock order: 1:<none> 2:<none> 3:<none>
[2014/03/19 16:57:17.753106, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smbXsrv_open.c:871(smbXsrv_open_create)
smbXsrv_open_create: global_id (0xde020ea0) stored
[2014/03/19 16:57:17.753146, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:402(ndr_print_debug)
&open_blob: struct smbXsrv_openB
version : SMBXSRV_VERSION_0 (0)
reserved : 0x00000000 (0)
info : union smbXsrv_openU(case 0)
info0 : *
info0: struct smbXsrv_open
table : *
db_rec : NULL
local_id : 0x90f2f07d (2431840381)
global : *
global: struct smbXsrv_open_global0
db_rec : NULL
server_id: struct server_id
pid : 0x0000000000006088 (24712)
task_id : 0x00000000 (0)
vnn : 0xffffffff (4294967295)
unique_id : 0xbaf687627b33e8dd (-4974639881340589859)
open_global_id : 0xde020ea0 (3724676768)
open_persistent_id : 0x00000000de020ea0 (3724676768)
open_volatile_id : 0x0000000090f2f07d (2431840381)
open_owner : S-1-5-21-2999458101-3634337955-1355572417-500
open_time : Wed Mar 19 04:57:18 PM 2014 CET
create_guid : 00000000-0000-0000-0000-000000000000
client_guid : fb516d75-adcf-11e3-a4ab-0800274a4c7e
app_instance_id : 00000000-0000-0000-0000-000000000000
disconnect_time : NTTIME(0)
durable_timeout_msec : 0x00000000 (0)
durable : 0x00 (0)
backend_cookie : DATA_BLOB length=0
status : NT_STATUS_OK
idle_time : Wed Mar 19 04:57:18 PM 2014 CET
compat : NULL
[2014/03/19 16:57:17.753659, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/files.c:125(file_new)
allocated file structure fnum 2431840381 (1 used)
[2014/03/19 16:57:17.753755, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/files.c:752(file_name_hash)
file_name_hash: /tmp/spoolss hash 0x7d4e46e5
[2014/03/19 16:57:17.753873, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_ncacn_np.c:89(make_internal_rpc_pipe_socketpair)
Create of internal pipe spoolss requested
[2014/03/19 16:57:17.754224, 8, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/dosmode.c:698(dos_mode)
dos_mode: spoolss
[2014/03/19 16:57:17.754383, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_create.c:1090(smbd_smb2_create_send)
smbd_smb2_create_send: spoolss - fnum 2431840381
[2014/03/19 16:57:17.754550, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:2548(smbd_smb2_request_done_ex)
smbd_smb2_request_done_ex: idx[1] status[NT_STATUS_OK] body[88] dyn[yes:0] at ../source3/smbd/smb2_create.c:364
[2014/03/19 16:57:17.754701, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:893(smb2_set_operation_credit)
smb2_set_operation_credit: requested 1, charge 1, granted 1, current possible/max 482/512, total granted/max/low/range 31/8192/68/31
[2014/03/19 16:57:17.755333, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:3312(smbd_smb2_io_handler)
smbd_smb2_request idx[1] of 5 vectors
[2014/03/19 16:57:17.755399, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:640(smb2_validate_sequence_number)
smb2_validate_sequence_number: clearing id 68 (position 68) from bitmap
[2014/03/19 16:57:17.755451, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1923(smbd_smb2_request_dispatch)
smbd_smb2_request_dispatch: opcode[SMB2_OP_WRITE] mid = 68
[2014/03/19 16:57:17.755504, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/uid.c:384(change_to_user)
Skipping user change - already user
[2014/03/19 16:57:17.755586, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1825(smbd_smb2_request_verify_creditcharge)
mid 68, CreditCharge: 1, NeededCharge: 1
[2014/03/19 16:57:17.755641, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_write.c:271(smbd_smb2_write_send)
smbd_smb2_write: spoolss - fnum 2431840381
[2014/03/19 16:57:17.755694, 6, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe_hnd.c:172(np_write_send)
np_write_send: len: 160
smbd_smb2_request_pending_queue: req->current_idx = 1
req->in.vector[0].iov_len = 0
req->in.vector[1].iov_len = 0
req->in.vector[2].iov_len = 64
req->in.vector[3].iov_len = 48
req->in.vector[4].iov_len = 160
req->out.vector[0].iov_len = 4
req->out.vector[1].iov_len = 0
req->out.vector[2].iov_len = 64
req->out.vector[3].iov_len = 8
req->out.vector[4].iov_len = 0
[2014/03/19 16:57:17.756173, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:2548(smbd_smb2_request_done_ex)
smbd_smb2_request_done_ex: idx[1] status[NT_STATUS_OK] body[16] dyn[yes:0] at ../source3/smbd/smb2_write.c:150
[2014/03/19 16:57:17.756322, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:893(smb2_set_operation_credit)
smb2_set_operation_credit: requested 1, charge 1, granted 1, current possible/max 482/512, total granted/max/low/range 31/8192/69/31
[2014/03/19 16:57:17.756743, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/rpc_server/rpc_server.c:441(named_pipe_packet_process)
PDU is in Little Endian format!
[2014/03/19 16:57:17.756854, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1564(process_complete_pdu)
Processing packet type 11
[2014/03/19 16:57:17.756953, 3, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:598(api_pipe_bind_req)
api_pipe_bind_req: spoolss -> spoolss rpc service
[2014/03/19 16:57:17.757367, 5, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:631(api_pipe_bind_req)
api_pipe_bind_req: make response. 631
[2014/03/19 16:57:17.757462, 3, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:343(check_bind_req)
check_bind_req for spoolss
[2014/03/19 16:57:17.757599, 3, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:350(check_bind_req)
check_bind_req: spoolss -> spoolss rpc service
[2014/03/19 16:57:17.757705, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:223(init_pipe_handles)
init_pipe_handle_list: created handle list for pipe spoolss
[2014/03/19 16:57:17.757797, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:240(init_pipe_handles)
init_pipe_handle_list: pipe_handles ref count = 1 for pipe spoolss
[2014/03/19 16:57:17.757916, 1, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../librpc/ndr/ndr.c:402(ndr_print_debug)
&r: struct ncacn_packet
rpc_vers : 0x05 (5)
rpc_vers_minor : 0x00 (0)
ptype : DCERPC_PKT_BIND_ACK (12)
pfc_flags : 0x03 (3)
1: DCERPC_PFC_FLAG_FIRST
1: DCERPC_PFC_FLAG_LAST
0: DCERPC_PFC_FLAG_PENDING_CANCEL_OR_HDR_SIGNING
0: DCERPC_PFC_FLAG_CONC_MPX
0: DCERPC_PFC_FLAG_DID_NOT_EXECUTE
0: DCERPC_PFC_FLAG_MAYBE
0: DCERPC_PFC_FLAG_OBJECT_UUID
drep: ARRAY(4)
[0] : 0x10 (16)
[1] : 0x00 (0)
[2] : 0x00 (0)
[3] : 0x00 (0)
frag_length : 0x0044 (68)
auth_length : 0x0000 (0)
call_id : 0x00000002 (2)
u : union dcerpc_payload(case 12)
bind_ack: struct dcerpc_bind_ack
max_xmit_frag : 0x10b8 (4280)
max_recv_frag : 0x10b8 (4280)
assoc_group_id : 0x000053f0 (21488)
secondary_address_size : 0x000e (14)
secondary_address : '\PIPE\spoolss'
_pad1 : DATA_BLOB length=0
num_results : 0x01 (1)
ctx_list: ARRAY(1)
ctx_list: struct dcerpc_ack_ctx
result : DCERPC_BIND_ACK_RESULT_ACCEPTANCE (0)
reason : union dcerpc_bind_ack_reason(case 0)
value : DCERPC_BIND_ACK_REASON_NOT_SPECIFIED (0)
syntax: struct ndr_syntax_id
uuid : 8a885d04-1ceb-11c9-9fe8-08002b104860
if_version : 0x00000002 (2)
auth_info : DATA_BLOB length=0
[2014/03/19 16:57:17.758819, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/rpc_server/rpc_server.c:509(named_pipe_packet_process)
Sending 1 fragments in a total of 0 bytes
[2014/03/19 16:57:17.758847, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/rpc_server/rpc_server.c:514(named_pipe_packet_process)
Sending PDU number: 0, PDU Length: 68
[2014/03/19 16:57:17.758907, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:3312(smbd_smb2_io_handler)
smbd_smb2_request idx[1] of 5 vectors
[2014/03/19 16:57:17.758937, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:640(smb2_validate_sequence_number)
smb2_validate_sequence_number: clearing id 69 (position 69) from bitmap
[2014/03/19 16:57:17.758964, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1923(smbd_smb2_request_dispatch)
smbd_smb2_request_dispatch: opcode[SMB2_OP_READ] mid = 69
[2014/03/19 16:57:17.758993, 4, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/uid.c:384(change_to_user)
Skipping user change - already user
[2014/03/19 16:57:17.759038, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:1825(smbd_smb2_request_verify_creditcharge)
mid 69, CreditCharge: 1, NeededCharge: 1
[2014/03/19 16:57:17.759078, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_read.c:399(smbd_smb2_read_send)
smbd_smb2_read: spoolss - fnum 2431840381
smbd_smb2_request_pending_queue: req->current_idx = 1
req->in.vector[0].iov_len = 0
req->in.vector[1].iov_len = 0
req->in.vector[2].iov_len = 64
req->in.vector[3].iov_len = 48
req->in.vector[4].iov_len = 1
req->out.vector[0].iov_len = 4
req->out.vector[1].iov_len = 0
req->out.vector[2].iov_len = 64
req->out.vector[3].iov_len = 8
req->out.vector[4].iov_len = 0
[2014/03/19 16:57:17.759233, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe_hnd.c:417(np_read_recv)
Received 68 bytes. There is no more data outstanding
[2014/03/19 16:57:17.759265, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd/smb2_server.c:2548(smbd_smb2_request_done_ex)
smbd_smb2_request_done_ex: idx[1] status[NT_STATUS_OK] body[16] dyn[yes:68] at ../source3/smbd/smb2_read.c:154
[2014/03/19 16:57:17.759294, 10, pid=24712, effective(100000500, 100000513), real(100000500, 0)] ../source3/smbd